The act of dishonest employees stealing data and spying across the networks has become increasingly popular in recent times, which has had a long term effect on the governments and corporations. In recent times, where people have offered their trust to real-time location and some handful of companies, the stakes have become higher.
The recent instance of such a forgery has come for Twitter. Reportedly two former Twitter employees have been accused of abusing their internal system privileges to spy against some target users and pass the information they collected to Saudi Arabia.
On which cybersecurity expert, Robert Graham on Thursday said that it is much easier for companies to bribe companies by paying a lucrative amount rather than spending a huge lump sum amount to hack a company like Twitter.
According to experts, the method to detect insider access is not that easy despite the tools available to do so. But the immense wealth of data which such companies behold makes it extremely lucrative to set them as targets.
The reason being, companies that provide email, social media, search and other services store several data like personal information, user’s location, hobbies, political views, connections to other users, etc. Several services also have the user’s private emails and other conversations saved.
Activists now fear since the data are leaked, chances are that people opponents might use pseudo names in public posts that have been connected to a real account. An employee can easily look up the email address or the phone number which has been used to sign up and determine the user’s locations which have been used to access the app.
Investigators have further revealed that the coordinated spying effort has resulted in the unveiling of data of over 6000 twitter users, out of which at least 33 usernames have been marked as emergency disclosure by the Saudi Arabian enforcement.
Most big tech firms take prevention measures to avoid such scenarios where employees can take advantage of their position to spy on anyone, including a crush they might see on Tinder.
A researcher with the Citizen Lab named John Scott-Railton stated that to find out well-trained employees who have been working for any foreign government is a different case because they can be cannier with the information they have gathered.
He further added that companies can go ahead to terminate collaboration and trust if they dig too many pits or can also become a target if they put up too few.
The complaint raised on Wednesday regarding the rules violation case, also revealed that the two former employees responsible for such a criminal activity reportedly didn’t have access to Twitter user’s private information but was still able to access the private data, including a user’s email account.
Ahmad Abouammo and Ali Alzabarah are the two charged employees who have been acting as agents for the Saudi Arabian government and had not registered their names with the U.S government. Reports say that the two wee bribed with a designer watch and tens of thousands of dollars to funnel into the secret bank accounts.
On a recent interview, Twitter disclosed that the facility of accessing sensitive accounts information is only limited to a group of trained and vetted employees and disagreed to explain on how the breach as disclosed by the prosecutors took place. This statement is contradicted by what Twitter officials had stated a year ago.
During their last interview, when the news of Twitter insiders planning to target Saudi dissidents had first surfaced, the officials had told that no person can access such information regardless of their post and where they operate.
It’s also unclear on how Twitter has planned its security practices as compared to other tech giants or have they improved their security since Abouammo and Alzabarah had quitted their job at the San Francisco Company back in 2015.
Several tech giants like Google, Apple, Facebook, and Microsoft chose to stay tight-lipped on the matter and declined to every call, email, and message requests on being asked about their strategies to avoid such criminal activities.
Suzaanne Spaulding who is a former undersecretary for cybersecurity at the US Department of Homeland Security remarked that it would be foolish to assume that it is only the Saudi Arabian government who has thought of committing such a crime.
She also said that all the big tech companies who deal with people’s personal information need to learn ways of handling the data with care and should also limit their accessibility. She concluded her statement by saying that the two indicated former employees certainly did not access the information for carrying out with their jobs.
President of Rendition Infosec and a former U.S government hacker, Jake Williams shared his view on the matter and said that it’s not surprising to see any foreign intelligence company trying to get into the secret information of any big tech company and rather companies should have a good built up auditing process to keep a check on such problems.
He said that the process of logging is mostly done to avoid outages and any service issue rather than tracking any insider fault.
Tarik Saleh who is a security engineer at DomainTools remarked that companies need certain resources to look into the abnormality in any employee’s access to data. In recent times, artificial intelligence has shown moderate success in automatically scanning any kind of unusual activity. He confirmed his point by saying that sophisticated organizations like the NSA or the CIA also have difficulty in this regard.
Tony Cole, the chief technical officer at Attiva Networks stated that it will be wise of companies to start by limiting the access of data to any authorized individual and then they can move ahead with detecting any kind of unauthorized access.
Being the chief security officer of Hold Security in Milwaukee, Alex Holden said that several cybersecurity firms offer active measures to detect employee misbehavior such as introducing bait bogus data with commercial value and seeing if workers get suspected for any previous wrongdoing take that bait.
Several experts said that tech companies especially the ones dealing with social media and email providers must realize that they are bound to be the targets of insider threats given a large amount of personal information they hold.
Former FBI counterintelligence agent Frank Montoya did not digest the matter easily and said that the particular incident has been narrated to the companies several times beforehand to avoid such activities but it is their inattentiveness which has given rise to such an incident.
Holden said that it is every company’s carelessness that results in such activities now and then.
Facebook has been responsible for committing a similar type f mistake recently in which it has leaked millions of user passwords on its network in plaintext that should have been encrypted.
Another was from CapitalOne hack, in which a former Amazon Web Service employee had reportedly acquired the information of roughly 100 million people by taking advantage of her position.
Recently there was news of tech companies leaking the audio interactions the employees have with the digital assistants. This is done to improve the services, but reportedly several conversations have been leaked.
It was only after the news got leaked that the companies took better steps and enclosure to protect the user’s privacy.