September 29, 2022

Opinion: Social media companies like Twitter can’t be trusted to regulate themselves

3 min read


Last month, Twitter’s former head of security, Peter “Mudge” Zatko, told Congress and federal agencies that the company’s security practices posed serious threats to national security. As part of their disclosures, which were disclosed. CNN Last week, Zatko claimed that the company allows about half of its staff – which amounts to thousands of employees – to have access to critical controls, and that some of them work for one or more foreign intelligence agencies. can do They also alleged that the company did not adequately protect the security of user data, using servers with outdated software that lacked key security features such as encryption. Moreover, he claims he was discouraged from sharing the full extent of the company’s security problems with the board.
TwitterOf course, that contradicts the idea that it has major security issues. He told CNN that engineering and product teams can only access production environments if they have “a specific business justification” that employees use devices that are monitored by IT and security teams. And that if a device is running older software, they can block it. By connecting to sensitive internal systems. However, Twitter did not respond to questions about its alleged foreign intelligence vulnerabilities.

“Mr. Zatko was terminated from his senior executive role at Twitter in January 2022 due to ineffective leadership and poor performance,” a spokesperson told CNN. The spokesperson added, “What we’ve seen so far is a misrepresentation about Twitter and our privacy and data security practices that is full of contradictions and misunderstandings and lacks important context.” Is.”

(Zatko claims it was fired in lieu of lifting. Security concerns in the company).
Peiter Zatko, better known as Mudge in the computer hacking community, poses for a portrait on August 22, 2022.  Photo by Sarah Sulbiger for CNN

This latest whistleblower report makes it clear that social media platforms not only pose potential privacy risks to users, but also national security risks. Congress urgently needs to pass a law regulating what data social networks can collect, how they can share it, how they can store it, who can access it and Under what circumstances? Lawmakers also need to give the Federal Trade Commission (FTC) a specific mandate to closely monitor the security and privacy practices of social media companies. This will ensure that these companies comply with any new regulations. We cannot trust them to maintain their data collection and sharing and security standards.

Consider the impact of a social media company’s inadequate security protocols. If a company lacks adequate safeguards to protect user passwords or employee accounts, legitimate sources such as high-profile people’s accounts can be hijacked and dangerous, even deadly, claims or instructions issued. can be used to

Remember that in 2020, hackers took control of the Twitter accounts of people like Elon Musk, Bill Gates and Barack Obama. BitcoinAnd Twitter users Defrauded for over $100,000. The hackers did this by targeting employees who had access to internal tools and were able to post tweets.

Further, if a company lacks protections about how many employees have access to user information and security measures to ensure that employees and customers are not hacked, hackers—or even employees—may find themselves vulnerable. Can collect and share sensitive information about users from social media data. with foreign intelligence agencies. Accessing their passwords or private messages could reveal evidence of things like affairs or miscarriages that bad actors could use to try to blackmail them into espionage.

Opinion: Crypto can't trust the government to save it from itself.
Does it sound crazy to think that a Twitter employee would sell user data to a foreign government? Just this month, a former Twitter employee was found guilty of giving the government private information about Twitter users. Saudi Arabia in exchange for money.

That’s why it’s important for social networks to limit access to sensitive user information, store and share as little user data as possible, and take every possible step to prevent hacks. Zatko’s accusations suggest, at least on Twitter, that’s not happening.

Such threats are serious enough to leave social media companies to manage on their own. We need legislation that strictly limits the number of employees who can access customer data, prohibits sharing that data with third parties, and requires companies to Take strong measures to avoid hacking.

Congress needs to act immediately to protect social media users and the nation from the possibility of these types of breaches.



Source link

Leave a Reply

Your email address will not be published.