Hackers Hack Hearing for Alleged Twitter Hacker

In an absolute surprise to no one, hackers interrupted a bond hearing for one of the alleged hackers behind the very public Twitter hack that we previously covered. The hearing was set to be held via Zoom, and as a larger number of people found out in the early days of the COVID-19 pandemic via “Zoombombing”…

“So what happened”

Following the hacking of notable public figures on Twitter on July 15, the United States Department of Justice charged three individuals with being the masterminds behind everything.  While the specific details of “how” the hack happened are still murky, the DoJ moved forward with a bond hearing on August 5 for one of the individuals.

Due to the ongoing pandemic, the Hillsborough County, Florida court opted to hold the hearing via Zoom, and through public records, filed a notice for the hearing that included the Zoom meeting time and ID number so that the public and anyone else could attend.

Unfortunately, the meeting was not configured in a secure way, which allowed not only people to unmute their microphones, but to also present their screen. Within a minute of the hearing starting, someone was shown adjusting their mask, followed by someone blasting loud music.

The presiding judge attempted to remove the attendees causing problems to restore order.  However, just a minute later the final straw came when an attendee presented their screen showing an explicit video.  After about 15 seconds of it being on screen for all of the attendees, the judge terminated the broadcast and did not resume it.

“So how do you stop something like this from happening?

The problem here is that Zoom is a readily available technology that anyone can just pick up and use.  The company’s focus is on making a product that works easily, and can be used by anyone and everyone. In the world of IT, this is the goal.  Companies like Microsoft, Google, and even Facebook, work hard to create and provide technology that just works. This is great for anyone who may not be technologically savvy and as a result, allows digital access for millions of people.

The issue with this instance, as is the case with IT solutions everywhere, is that just because something works, doesn’t mean it works securely.  With Zoom, it’s very easy to configure the meeting in a way that prevents people from unmuting themselves or hijacking the meeting by sharing their screen.  In fact, we’ve covered this elsewhere on the ACT.

As a result, if you roll out a new IT solution, and don’t know what you’re looking for, or don’t have the knowledge about how to secure it, your decisions can hurt you and your organization. So what can you do? Make sure to stay on top of the latest cybersecurity threats by subscribing to the ACT Digest - a bi-weekly email that covers the latest cybersecurity threats, and how to stop them.  And if you’re worried about whether or not your organization's IT network and devices are secure, you should check out our Vulnerability Assessment to help you understand where your organization is vulnerable - before hackers do.

Follow us - stay ahead.

Read more of the ACT