Join The Discussion

 

RadioShack sees stock jump on investment report

Fort Worth-based RadioShack saw its stock increase as much as 45 percent on Friday as investor Standard General LP said it was continuing talks on new financing for the electronics retailer.

read more >

Fort Worth couple gets in 'Shark Tank,' comes out with deal

A Fort Worth couple who started a business when they couldn’t sleep, were the first entrepreneurs to get a deal on ABC’s Shark Tank in the season premiere on Sept. 26.

read more >

20 from Dallas-Fort Worth on Forbes wealthiest list

There are 20 Dallas-Fort Worth residents listed among the 400 richest Americans, according to the Forbes 400 list of The Richest People in America 2014.

read more >

Internal audit says EPA mismanaged Fort Worth project

FORT WORTH, Texas (AP) — An internal audit by the U.S. Environmental Protection Agency reveals the agency mismanaged an experiment using new ways to demolish asbestos-ridden buildings.

read more >

Texas Wesleyan acquires two strip shopping centers on East Rosedale

Texas Wesleyan University has purchased two strip shopping centers on East Rosedale Street across from its Southeast Fort Worth campus, the university’s president said Friday.

read more >

AP hack proves Twitter has a serious cybersecurity problem

 

Julianne Pepitone

NEW YORK (CNNMoney) -- If Twitter needed any more evidence that it has a serious security problem, this should do it: Stocks plunged sharply on Tuesday after a hacker accessed a newswire's account and tweeted about a false White House emergency.

The shocking tweet came from the Associated Press earlier this afternoon: "Two Explosions in the White House and Barack Obama is injured."

The AP's communications team quickly tweeted from its own account that the main AP Twitter was compromised, but investors had already panicked. The Dow Jones industrial average immediately plunged by more than 140 points.

And there it is: After years of hacks that typically involved little more than obscene language, Twitter's subpar security measures have now caused serious real-world consequences.

Many hacks happen when account owners use guessable passwords or access Twitter over public Wi-Fi and shared computers. If one person who tweets from a corporate account loses his or her phone, an entire corporation's Twitter account could be at risk.

While Twitter can't control those issues, critics say the company could do more to prevent them.

Security pundits have called on Twitter for years to beef up its security using simple methods: Sharply limit the login attempts allowed from a single IP address. Let only one person access a Twitter account at a given time.

Ideally, Twitter would employ a "two-factor authentication" login method. It's a basic security tool already used by Google, Facebook and Dropbox that requires both a password and a piece of data, such as numbers sent via text message.

Twitter began posting job listings earlier this year for engineers to work on two-factor authentication. The posts came after Twitter's own systems were hacked, and the attackers gained access to usernames as well as encrypted and randomized passwords for about 250,000 users.

But job postings don't mean much until serious changes are implemented. Meanwhile, the hacks have continued. News organizations are a particularly attractive target thanks to their reach and influence.

The Twitter accounts of CBS' 60 Minutes and 48 Hours were compromised over the weekend. In July 2011, News Corp.'s Fox News account -- followed by more than 2 million people -- was hacked in and tweeted that President Obama had been assassinated.

That same month, eBay's PayPal United Kingdom Twitter feed was hacked, and the profile photo was changed to a pile of excrement. Comcast's NBC News account was also compromised two months later, falsely tweeting that a plane had crashed into the Ground Zero area of Manhattan.

In February of this year, both the Burger King and Jeep Twitter accounts were hacked during the same week.

It's unclear what, if anything, Twitter plans to change. As always, a company spokesman said, "We don't comment on individual accounts for privacy and security reasons."

So far, Twitter has put the onus on brands to ensure they're being smart about choosing and sharing passwords. Following the Jeep account hack earlier this year, Twitter tweeted a link to a "friendly reminder about password security."

Twitter can tweet about best practices all it wants, but that approach clearly isn't working. When hacks do happen, the company does a good job of restoring compromised accounts typically within a few hours. But as the AP hack proves, these attacks can have damning real-world effects.

< back

Email   email
hide
Arena
What do you think of the new plans for a new Will Rogers arena and changes at the Convention Center?