Avecto says Apple co-founder’s Twitter hack highlights need for strong account security
September 2011 by Avecto
Reports that the Twitter account of Steve Wozniak – the co-founder of Apple – has been hacked may sound amusing, but the potential for disaster when a high-profile Twitter user’s account is hacked is significant, says Avecto, the Windows privilege management specialist.
According to Paul Kenyon, Avecto’s chief operating officer, Wozniak – who is keynoting next month’s IP Expo event in London – has been raising his profile of late and, unknown to many, is still officially on the payroll with Apple.
“This latest Twitter hacking incident - in which his account apparently tweeted: ‘I made $781 today working a few hour from home check this out!’ - is pretty standard for a low-level hack of the social media micro-blogging service. The danger is that less tech-savvy Twitter users might click through the attached link and potentially infect their computers,” he said.
“Judging from the media reports on the hack, it sounds as though Mr Wozniak has been on vacation, and this may explain why one of his computers has apparently been click-jacked, perhaps a laptop in use on a public access WiFi connection where man-in-the-middle attacks can be a problem,” he added.
Kenyon went on to say that he suspects that Mr Wozniak – as one of the co-founders of Apple – probably has the good fortune to earn more than $781 a day, and is also probably a little embarrassed over the hack, although his tweets give no indication of this.
What this incident – and other high-profile Twitter account hacks – illustrates is that it is alarmingly easy to have an Internet account hacked and, whilst this particular crack is mildly amusing, the messages sent by the hacker could have been a lot darker, he explained.
Avecto has come across instances where corporate accounts have been hacked for profit, usually where intellectual property or similar corporate espionage is taking place, and in the space of a few seconds, a financial loss to the company concerned is triggered.
“The sad reality,” says Kenyon, “is that cybercriminals and corporate rivals can – and do – take advantage of slight weaknesses on the security front and in no time unauthorised people are able to enter the account and access all manner of personal and corporate data.”
“And this is where privileged account management enters the frame. By carefully controlling what an account is capable of doing - and locking down high level access to only those people that really need access - privileged account management can help to prevent the kind of account security faux pas that could mean a lot more than a few errant messages on Twitter appearing,” he said.
“And where company intellectual property issues are involved - as Mr Wozniak will undoubtedly confirm when he gets back from vacation – you simply can’t be too careful. Knowledge isn’t just power any more – it is also about corporate revenues,” he concluded.