AP tweet that rattled stock markets exposes media vulnerability
The news media are relying more on social media – both as a reporting tool and to disseminate their own content. But a hack of the AP Twitter account shows how things can go wrong.
(Page 2 of 2)
Meanwhile, major news outlets including The New York Times and Bloomberg News are also approaching the problem from a different direction. They are employing services such as Storyful that quickly verify whether social media posts from other organizations or random users are accurate.Skip to next paragraph
Subscribe Today to the Monitor
More broadly, newsrooms nationwide are urging reporters to strengthen passwords, to change them more often, and to be more aware of how hackers work.
AP reporter Mike Baker told his Twitter followers that he was a victim of phishing, a tactic in which hackers parading as legitimate entities send e-mails that ask for sensitive information, such as passwords or account numbers.
AP responded to the attack by shutting off all its Twitter accounts until all passwords were checked, which was the right thing to do, says Mr. LaMotte. But the damage was done.
The agency has won back many of the Twitter followers it lost, “but still the brand name is tarnished,” says Ari Zoldan, CEO of Quantum Networks, which specializes in next-generation communication devices. "Fortunately, there are lots of off-the-shelf and easy-to-use systems already out there that people just don’t know about yet.”
One firm, Dashlane.com, sells password-generating software that takes the onus off of individuals to create and remember an array of names or dates. The firm’s research shows that the average American has 50 passwords. Hackers know the conventional processes by which users create them – birth dates or relatives' or children’s names – and have designed algorithms to identify them.
“Companies will be sinking millions into this because their very reputations are at stake,” says Mr. Zoldan.
Some analysts say the AP episode underlines the new, dangerously interlinked world, and they urge caution.
“No matter how much encryption software becomes available, it will never be 100 percent effective,” says Mark Tatge, a professor of communication at DePauw University in Greencastle, Ind. He thinks companies should stop relying so heavily on cloud technologies that store massive amounts of sensitive data.
"We’re putting terabytes and terabytes and terabytes of data where it can be conveniently used from many locations – and that’s the attraction,” he says. “It’s cheap and efficient … but companies have to learn to not put so much information in there if they are going to be devastated when someone gets ahold of it.”
• Staff writer Gloria Goodale contributed to this report.