At least 30 Twitter accounts received a disturbing message from the site late last week, warning that they may have been targeted by government or state-sponsored hackers.
Canadian non-profit Coldhak, which focuses on privacy and freedom of speech issues, was one of the first to reveal that they had received the warning from Twitter, and included a screenshot of the message’s contents:
We received a warning from @twitter today stating we may be "targeted by state-sponsored actors" pic.twitter.com/oZm83eVFC5
— coldhak (@coldhakca) December 11, 2015
Part of the message being sent out by Twitter reads as follows:
As a precaution, we are alerting you that your Twitter account is one of a small group of accounts that may have been targeted by state-sponsored actors. We believe that these actors (possibly associated with a government) may have been trying to obtain information such as email addresses, IP addresses and/or phone numbers.
Most people, of course, have their Twitter accounts open to the public – so what information associated with accounts could spies be interested in?
The answer is, of course, that information which Twitter accounts don’t make public: your email address, the IP address of the computer you use to access Twitter, your mobile phone number and potentially any private direct messages you exchange with other Twitter users.
Twitter doesn’t mention direct message as being at risk, so perhaps in this instance the intent of whoever appears to have been trying to target particular accounts was more interested in identifying who was behind the accounts and their contact details, rather than specifically what they might have been privately saying on the network.
Jens Kubieziel has created a Twitter list of users known to have received the warning about state-sponsored attacks. At the time of writing, the list contains over 30 accounts – several of which belong to security researchers, activists and journalists who cover privacy and surveillance issues.
However, it is proving difficult to find a common thread between the Twitter accounts who have received the warning – which means it is also tricky to determine which country might be behind the attacks.
In other words, there are no clues to point observers in the direction of whether the attackers are working for China, the United States, the UK, Russia, or umpteen other potential suspects.
Determining precisely what is happening is made more difficult by the small amount of information that Twitter has shared, which sadly includes no details of why it believes that the users may have been targeted. It’s possible, of course, that Twitter is keen not to reveal too much in case it sheds light on its methods to those trying to hack into accounts.
The good news is that Twitter says it has no evidence that any private information has been successfully compromised, but the firm says it will continue to investigate.
To its credit, Twitter is recommending that users who wish to better protect their privacy online consider using Tor and follow the advice of the Electronic Frontier Foundation (EFF) on how to better defend your privacy on social networks. Frankly, that is probably good advice for an ever-growing number of internet users.
Twitter isn’t the first website to warn its users that they could have been targeted by state-sponsored hackers.
Facebook, for instance, announced in October that it would be warning users when it determined such attacks were in process, and advised that enabling Login Approvals would offer a higher level of protection for accounts.
Meanwhile, back in 2012, Google blogged about a security warning it would display for accounts that it believed state-sponsored hackers had tried to compromise.
flickr photo shared by Spencer E Holtaway under a Creative Commons ( BY-ND ) license.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.