Twitter has sent messages to news organisations warning them about future attacks and providing them with a list of security tips, in the wake of a slew of account hijacks.
But analysts are not wholly impressed with the micro-blogging firm’s attitude to security.
The Syrian Electronic Army has been causing carnage on Twitter of late, hacking accounts belonging to prominent media bodies, including AP, the BBC and the Guardian.
That’s why Twitter sent out advice to various organisations last night. But one particular recommendation has invited scorn – to designate one computer for Twitter use, and to not use that machine for reading email or using the Internet.
“It is ridiculous. Not only is it unreasonable for consumers to take that kind of advice because it is simply expensive, but it is not suitable for businesses either,” Simon Edwards, technical director of Dennis Technology Labs and founding member of the Anti Malware Testing Standards Organisation, told TechWeekEurope.
He was also concerned about the lack of two-factor authentication – something Twitter has been called out on numerous times. Google and Facebook both offer it, so Twitter should too, the argument goes.
Twitter asks for mobile numbers during the sign-up process, so it should not take a huge effort to implement two-factor authentication where a unique code is sent to the mobile device, Edwards added.
The email sent to media last night, from the Twitter News Team, offered various pieces of password advice, saying passwords should contain elements of randomness and be changed regularly. But there have been no promises or even hints that two-factor authentication will arrive.
Companies should create a formal incident response plan for a Twitter account hijack too, the team said, offering assistance for phishing attacks.
“We believe that these attacks will continue, and that news and media organizations will continue to be high value targets to hackers,” the email read.
“These incidents appear to be spear phishing attacks that target your corporate email. Promoting individual awareness of these attacks within your organisation and following the security guidelines below is vital to preventing abuse of your Twitter accounts.”