Clickability tracking pixel

Fake Tweet? Dealing with the AP Twitter feed hack

There has been a lot of discussion over the past week about Twitter and the power of social media following the breach of the Associated Press (AP) Twitter feed last Tuesday. Bottom line, each of us still needs to decide: Can I trust that tweet?

by / April 27, 2013

There has been a lot of discussion over the past week about Twitter and the power of social media following the breach of the Associated Press (AP) Twitter feed last Tuesday.

After the verified AP Twitter feed was hacked, a message was sent out that read, “Breaking: Two explosions in the White House and Barrack Obama is injured.”  

Immediately, the stock market dropped dramatically. Stocks recovered after it became clear what happened.

Other Fake Tweets?

 In case you’re wondering, no, this is not the first time that fake tweets have caused a public reaction. Twitter accounts have also been hacked from National Public Radio, CBS 60 Minutes and Reuters News.

In addition, Twitter business accounts for Burger King and Jeep were also hacked in the past. In the case of Burger King, the tweets made their site look like McDonalds. In response, McDonalds tweeted back that they had nothing to do with the breach – or tweets about the Whopper sandwich becoming a Big Mac.

Back in 2009, millions of people were duped by fake Twitter accounts with quotes from celebrities. “A phony account under the name of film star Christopher Walken and bearing his picture is still regularly read by more than 90,000 people.” Since that time, Twitter has cracked down on fake accounts and put “verified” accounts in place.

Digging Deeper Into Fake Tweet Consequences

What is now clear is that reading a tweet from a trusted source may never be the same.

The Huffington Post asked: Does Twitter have a credibility problem? “The latest hack was by far the most significant: the single AP tweet stunned investors and effectively wiped out $136.5 billion of the S&P 500 index's value in a matter of minutes.”

Now the SEC and FBI are even probing the fake tweets for securities fraud. Here’s an excerpt from USA Today:

“Stolen log-ons for financial and social media accounts readily flow through underground forums, and over the past week, there has been a big infusion of freshly stolen data. ‘Hackers are compromising our computing devices and then spreading false information that can be damaging to an individual or a company,’ Sherry says.

In the wake of the Boston Marathon bombings and devastating explosion in West, Texas, "phishers" sent out links to disaster videos in millions of e-mail messages. Clicking on one of these links displayed the video — but also infected the computing device.”

Getting Personal: Knowing Who, What, When, Where and How We Communicate

So how can we learn from recent incidents? What are we to do with an incredible tweet with news from a trusted source?

 The first step is awareness. Understand our current social media environment. Know that fake tweets (and fake emails or text message scams) abound. There is even a fake Tweet builder website out there. (Be
aware that fake Twitter followers are a growing multi-million dollar business.)

The second step is to keep a healthy dose of skepticism on dramatic claims/news. We’ve seen denial of service attacks, intellectual property stolen, bank accounts drained, but now this misinformation campaign. So… double check your sources. When announcements come of bombs going off (or worse), check several reputable sites or feeds to gain additional information.

No doubt, this hesitancy takes away some of benefits of tweets and fast information. But what is more important, getting the data or information right or getting it fast? Yes, we want both, if possible. Nevertheless, we now realize that mistakes can and will be made – and cause harm.

Third, use stronger authentication systems on your own Twitter or other social media accounts. Add two-factor logon, when it becomes available. This may require a smartphone pin, email or text message to gain
access, but can make the process more secure. While two-factor authentication will help, it will not make this problem go away. Therefore, we still need steps 1+2.


 In conclusion, the recent false alarms with Twitter should signal the need to take a step back and relook at how much trust we place on various channels and real-time messages. Beyond Twitter, there are false messages on websites, Facebook pages and other social media apps. Who is really sending these messages?

 Our new high-tech tools provide easier ways to share data quickly, but quality is always hard. For example, I received tweets about the Boston bombers having foreign ties alongside other tweets that said they were definitely acting alone as Americans. Weeks later, we are still sorting out that intelligence information.

Which raises the question, should we be tweeting about those more complex topics anyway? Are our tools being used with proper online etiquette and effective controls? There were many people who displayed bad taste with Twitter during the Boston bombings.

Bottom line, each of us still needs to decide: Can I trust that tweet?   

Looking for the latest gov tech news as it happens? Subscribe to GT newsletters.

Dan Lohrmann Chief Security Officer & Chief Strategist at Security Mentor Inc.

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.

During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader.
Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprisewide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.

He currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor Inc. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.

He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.

Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD for You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington, D.C., to Moscow.

He holds a master's degree in computer science (CS) from Johns Hopkins University in Baltimore, and a bachelor's degree in CS from Valparaiso University in Indiana.

Follow Lohrmann on Twitter at: @govcso

E.REPUBLIC Platforms & Programs