Obama Campaign Twitter Account Hacked – Privileged Admin Credentials Exploited

For those of us in the information security business, there are two interesting parts of the attack last  week on the Obama Campaign’s Twitter account.

First, social media accounts need to be treated the same as other shared admin credentials like “root” and “sysadmin”.  Social media admin accounts have incredible levels of privileges, such as complete control over content and the ability to delegate administrative privileges with unknown users.  These accounts are also oftentimes shared by many users, including employees, agencies or contractors hired to manage social media programs. A privileged identity management solution that protects the credential and creates accountability is a must.  What’s more, real-time monitoring needs to be in place so that at the first sign of trouble, the organization can respond immediately.

Second, the attack on President Obama’s campaign Twitter account highlights that applications (like link shorteners) that interface with Twitter, Facebook and other social accounts can also be an attack vector.  They store admin credentials to facilitate management and this creates a serious vulnerability.

The moral of the story, whether for human users or applications that store admin credentials, is best practices in managing privileged system admin accounts must also be applied to social media admin accounts.

For more information on this attack, check out the article on Mashable.

Monday, November 4, 2013