Photo Credit: Getty Images
Peiter “Mudge” Zatko testified before Congress that Twitter lacks the ability to eliminate the variables endangering the data of its users. He also mentioned the possibility of spies among the company’s workforce.
The whistleblower recalled an instance in which a Twitter employee ignored a problem with a spy danger during his testimony. He said that the employee ignored the worry despite the potential harm to the company’s operations.
Zatko also disclosed that the FBI had warned Twitter that Chinese spies were working there before he came forward as a whistleblower in January. Whether Twitter has already addressed the issue is not yet known. The FBI appears to be keeping quiet about the situation in the meanwhile.
Zatko asserted that systematic issues existed with Twitter. These could compromise the safety of the company’s user data. Further, the alleged carelessness of the firm in resolving the problems poses a danger to US national security.
Zatko outlined a number of problems that would support his Twitter-related accusations. For example, Twitter mishandled user data, broke the terms of the consent agreement it signed with the US Federal Trade Commission in 2011, and allowed most of its staff access to private user data, among other issues.
The several issues Zatko listed in front of Congress highlighted Twitter’s inability to find and get rid of these threats, especially the spies inside the team.
Zatko’s camp is positive
Legal counsel for Zatko, Alexis Ronickher, stated that they are contributing to the safety of users online.
“Mr. Zatko is hopeful that the Committee’s work today has helped educate the public about just how dire the security and privacy situation is at Twitter and how impacted we all are by these failures. He continues to believe that through this public disclosure process, real-world harm for Twitter users may be avoided and our country’s national security better protected,” said Ronickher.
Meanwhile, lawmakers emphasized the gravity of Zatko’s assertions during the session. They stated that tampering threatening Twitter should be treated seriously in order to protect individuals and the country. Senator Dick Durbin, the chair of the Senate Judiciary Committee, stated that Twitter is a viable platform and that its defense measures should not be readily breached.
Twitter’s outside threats
In addition, Zatko suggested that there may be opportunities for Russia and China to spy on data based in the US. According to Zatko’s testimony, over 7,000 Twitter workers have access to sensitive user information, making that information exposed if the company had hired spies.
He continued by saying that private information such as email addresses, phone numbers, IP addresses, locations, home addresses, languages, and other details might all be utilized by foreign governments for whatever objective.
Additionally, Twitter lacks an internal system monitoring mechanism that keeps track of who accesses sensitive data, so any employee may do so without the business knowing who it is. It would therefore be hard to identify the person who was perpetrating terrible acts.
“There were thousands of failed attempts to access internal systems that were happening per week, and nobody was noticing. This fundamental lack of logging inside Twitter is a remnant of being so far behind on their infrastructure and the engineering,” said Zatko.
“A Twitter engineer, understanding how the running systems and the data flows were operating, could then access and inject, or put forward, information as … any of the senators sitting here today.”
Opinions expressed by CEO Weekly contributors are their own.