Illustration: Aïda Amer/Axios

Twitter's major security incident Wednesday — in which hackers took over the accounts of Joe Biden, Barack Obama, Elon Musk, Bill Gates and other notable figures to push a cryptocurrency scam — stunned the worlds of politics and tech.

Why it matters: As bad as Wednesday's rampage was — and it was bad — the real fallout came as business leaders, politicians and everyday users realized that their chosen network for real-time information is even more vulnerable to being hijacked than they thought.

Driving the news:

  • The accounts of high-profile individuals and corporations were compromised within a short period of time Wednesday afternoon, allowing the posting of a message luring people to deposit bitcoin in a specific account.
  • Late Wednesday, Twitter posted: "We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools."
  • Aiming to contain the problem, Twitter for a time prevented all verified accounts (those of journalists, politicians, celebrities, and other public actors) from posting new messages.

What they're saying: Twitter said its investigation is still ongoing.

  • "We know [the attackers] used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf," the company said in a tweet. "We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it."

The big picture: Experts pointed out that the plot to steal bitcoin was small potatoes compared with the much worse things a malefactor could do with access to Twitter's highest profile accounts.

  • President Trump essentially governs via the social network, dictating new policies and threatening other world leaders. In the wrong hands, that account could start a war. (Trump's account did not appear to be compromised in this incident.)
  • Many have long warned of this danger. I wrote in 2016 that President Trump should ditch his cell phone (and Twitter) for the sake of national security.

Between the lines: Some of the deeper problems revealed Wednesday relate to Twitter's structure.

  • The blue check mark next to a name is supposed to indicate that you can trust the identity of the account.
  • But those are exactly the accounts that were compromised.

Twitter's response blocking all verified accounts from posting, an understandable tactic to limit the spread of the scam, created its own problems.

  • Deprived of their main accounts, many prominent Tweeters turned to old secondary accounts, friends' accounts or all-new accounts to keep posting. Some news outlets, like NBC News, posted to temporary accounts, while others sent out news from less prominent accounts.
  • This workaround allowed them to keep the messages flowing. But it created new long-term problems for Twitter's information climate, since the same method could be used by impersonators to spread misinformation or scams of their own.

What's next: With Twitter's prominence in politics, lawmakers are also promising inquiries.

  • Before the situation had even been resolved, Sen. Josh Hawley (R-Mo.) sent a note to the company demanding answers.
  • And, as former FTC technologist Ashkan Soltani points out, Twitter settled with that agency in 2010 over previous lapses that allowed administrative access to accounts.

Go deeper

Facebook and Twitter, the reluctant gatekeepers

Illustration: Annelise Capossela/Axios

Deciding who gets to say what online is a complex business in the best of times, and the 2020 election is showing social media platforms just how messy it can get.

The big picture: Balancing concerns over misinformation, hacking and foreign meddling against free-speech principles is already hard enough. Tackling it in real time in the middle of a political knife fight is almost certainly going to go awry.

Elliott Broidy says Twitter should take action on other hack and leak stories

Illustration: Sarah Grillo/Axios

Elliott Broidy, a top Republican fundraiser expected to plead guilty in a foreign lobbying case, is challenging Twitter over its handling of content related to "hacked materials."

What's happening: Broidy wants Twitter to explain why information from hacked and leaked materials about his case was allowed to remain on the site, while Twitter took swift action to suppress a New York Post story about Hunter Biden allegedly based on hacked and released materials, according to a letter obtained by Axios.

Oct 16, 2020 - Politics & Policy

Media becomes the story ahead of Election Day

Illustration: Rebecca Zisser/Axios

With just weeks to go until Nov. 3, controversies surrounding the media seem to be gobbling up most of country's attention.

Why it matters: In a healthy democracy, the media shouldn't be the story.