AP tweet that rattled stock markets exposes media vulnerability

The news media are relying more on social media – both as a reporting tool and to disseminate their own content. But a hack of the AP Twitter account shows how things can go wrong.

Richard Drew / AP
Jonathan Corpina (r.) and James Denaro work on the floor of the New York Stock Exchange, April 24, the day that hackers sent out a false tweet on the AP feed reporting that the White House had been bombed – causing a temporary $200 billion drop in US stock markets.

The hacking of the Associated Press Twitter account this week underscored the need for news media to protect themselves against future attacks.

Hackers sent out a false tweet on the AP feed Tuesday reporting that the White House had been bombed – causing a temporary $200 billion drop in US stock markets. The CBS flagship news magazine shows, “60 Minutes” and “48 Hours,” also had their Twitter accounts hacked.

For news organizations whose reputations are built on credibility, the concern is real – particularly as social media feeds become an increasingly integral part of the news media's overall strategy.

“The media are really rushing to brainstorm about what they need to do to not only make sure that this doesn’t happen again, but to reassure the public that they are reputable and trustworthy,” says Peter LaMotte of Levick, a Washington D.C.-based public relations firm. “What is more concerning about this AP episode is that it went right at the heart of what the company is all about – its reputation for accuracy.”

[Editor's note: The original version of this article misspelled Mr. LaMotte's name and incorrectly described Levick.]

The number of such episodes have been on the rise in recent years, he says, noting that both Burger King and Jeep were the victims of hacking pranks. In the AP's case, the Syrian Electronic Army – known to support President Bashar al-Assad – claimed responsibility for the hack.

Both the social media industry and news outlets are taking steps to try to head off future hacks.

For example, Twitter is moving toward a two-step authentication process as a way to improve security, according to Wired. Anytime a user tweets from a new device, the user would need to input a random code messaged to their cellphone. Google and Facebook already use such a two-step process.

Meanwhile, major news outlets including The New York Times and Bloomberg News are also approaching the problem from a different direction. They are employing services such as Storyful that quickly verify whether social media posts from other organizations or random users are accurate. 

More broadly, newsrooms nationwide are urging reporters to strengthen passwords, to change them more often, and to be more aware of how hackers work.

AP reporter Mike Baker told his Twitter followers that he was a victim of phishing, a tactic in which hackers parading as legitimate entities send e-mails that ask for sensitive information, such as passwords or account numbers.

AP responded to the attack by shutting off all its Twitter accounts until all passwords were checked, which was the right thing to do, says Mr. LaMotte. But the damage was done.

The agency has won back many of the Twitter followers it lost, “but still the brand name is tarnished,” says Ari Zoldan, CEO of Quantum Networks, which specializes in next-generation communication devices. "Fortunately, there are lots of off-the-shelf and easy-to-use systems already out there that people just don’t know about yet.”

One firm, Dashlane.com, sells password-generating software that takes the onus off of individuals to create and remember an array of names or dates. The firm’s research shows that the average American has 50 passwords. Hackers know the conventional processes by which users create them – birth dates or relatives' or children’s names – and have designed algorithms to identify them.

“Companies will be sinking millions into this because their very reputations are at stake,” says Mr. Zoldan.

Some analysts say the AP episode underlines the new, dangerously interlinked world, and they urge caution.

“No matter how much encryption software becomes available, it will never be 100 percent effective,” says Mark Tatge, a professor of communication at DePauw University in Greencastle, Ind. He thinks companies should stop relying so heavily on cloud technologies that store massive amounts of sensitive data.

"We’re putting terabytes and terabytes and terabytes of data where it can be conveniently used from many locations – and that’s the attraction,” he says. “It’s cheap and efficient … but companies have to learn to not put so much information in there if they are going to be devastated when someone gets ahold of it.”

• Staff writer Gloria Goodale contributed to this report.

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to AP tweet that rattled stock markets exposes media vulnerability
Read this article in
QR Code to Subscription page
Start your subscription today