Three weeks ago, there was a massive Twitter account intrusion.

In this incident, a large number of well-known Twitter accounts, including those of former U.S. President Barack Obama, Amazon CEO Bezos, Warren Buffett and Tesla CEO Musk, were taken over and suddenly sent bitcoin phishing tweets in unison, inducing followers to transfer money to the hackers' bitcoin wallets. After the incident, Twitter immediately disabled the ability of verified accounts to post new tweets, but 130 accounts were still affected. Twitter also said it would keep the public up to date on its investigation of the attack.

On July 31, Twitter released more details and the conclusions of its investigation into this massive account intrusion, revealing part of the truth behind this serious incident.

At the beginning of the incident, some analysts said the hackers succeeded mainly because they had bought an "insider" at Twitter, and that through this insider they gained access to internal management tools. However, according to the findings Twitter released, it was not an insider causing trouble. The real attack method was a "telephone spear phishing attack".

I believe most people will be unfamiliar with this term. Indeed, the typical phishing attacks we see tend to be emails containing malware, or emails that induce you to visit a specific website and download a file carrying malware. So what does "telephone spear phishing" mean? The difference between a spear phishing attack and other kinds of phishing is that spear phishing targets specific people or the employees of a specific company, whereas ordinary phishing casts a wide net with no definite target, much like an ordinary scam call.

Because it is aimed at specific people, a spear phishing attack is more dangerous. Cyber criminals carefully collect information about the target to make the "bait" more attractive. For example, a carefully crafted spear phishing email looks like a normal email, enough to deceive even experienced security experts. As a result, spear phishing is more likely to make victims open a certain email unprepared and take the hook.

By now you probably understand what "telephone spear phishing attack" means. Yes, it is a spear phishing attack carried out over the telephone.

In this kind of attack, cyber criminals use VoIP to place calls to selected targets. Usually they exploit the openness of most VoIP services to forge the caller ID, so that each call appears to come from a legitimate bank. When the criminal reaches a user's voice mailbox, they leave a voice message saying the user's account has been frozen and advising the user to dial a given number to provide account information. The attacker then receives a call back from the "anxious" victim and easily obtains the victim's personal information. Knowing what a telephone spear phishing attack is, we can roughly infer how Twitter was hacked, step by step.

First, a Twitter employee or vendor receives a message on their mobile phone that appears to come from the Twitter support team and asks them to dial a number.

When the employee dials the number, they may be connected to a convincing "service desk operator", who then uses social engineering to trick the victim into handing over their credentials.

Since the Twitter employees or vendors think they are talking to insiders, they disclose more details on the phone, and hand over access to internal management tools.

Similarly, the conversation may be initiated by the swindler calling the employee, using a VoIP service and caller ID spoofing to appear to call from a legitimate number, so that the employee "obediently" hands over control.

From the perspective of cybercrime, spear phishing is undoubtedly an ideal tool in attackers' eyes, because it lets them easily gain victims' trust. Attackers pay particular attention to executives and other employees with administrator rights, enticing them to launch malicious software that lets the criminals into the corporate environment. The company's data is then encrypted with ransomware, and the victim is extorted for money. So, is there no defense against this kind of attack?

Most spear phishing succeeds not because employees want to do something wrong, but because they are keen to do the right thing. So just because someone sounds friendly and helpful on the phone does not mean they should be trusted. Declining offered help can be socially awkward, especially if you think you are talking to a "support person" who is helping you, but you should always stay alert.

In the past, network security was often based on the idea that "the IT department knows best, so it will make all the rules." Ideally, phishing emails really should never reach an employee's mailbox, but this idea creates a subconscious assumption that anything not blocked is safe.

Because it is impossible to guarantee that every employee is vigilant at all times, and the losses, once incurred, may be irretrievable, specific exercises need to be arranged. Some security companies on the market craft special "fraud" emails used to "lure" careless employees.

Just as Twitter strengthened its security supervision and internal permission mechanisms after the event, you also need to examine whether your own data protection scheme is sound. Here, the editor recommends Dell EMC's "safe haven" plan, Cyber Recovery, to deal with the growing number of malicious attacks and ransomware.
The Cyber Recovery solution consists of a pair of PowerProtect DD systems and a Cyber Recovery management host. The Cyber Recovery software running on the management host controls the flow of data from the production environment to the storage environment by enabling or disabling the replication Ethernet interface on the Data Domain system in the CR vault.

Cyber Recovery is a logical air-gap solution that provides protection against network attacks, and it is Dell EMC's ultimate answer to virus infection, malicious deletion and other security incidents. Backup data in the production center is linked to the vault over the backup interface of the DD system in the production center.

Using the DD Retention Lock feature, Cyber Recovery creates an immutable copy of the replicated production-side DD data in the Cyber Recovery vault. In the CR vault, a schedule is created to enable the replication interface link; after replication, the replication interface on the DD in the Cyber Recovery vault is disabled again, establishing complete network isolation for the backup data. Read-write sandboxes can also be created in the CR vault to analyze the data and validate recovery. The consulting service for the Cyber Recovery solution can also provide users with further physical security design to prevent internal saboteurs from exploiting physical security weaknesses: the CR vault equipment can be installed in a dedicated room or cage with physical access controls, such as keeping the room or cage locked, registering keys, requiring two people to insert their keys at the same time to unlock, and installing video monitoring on the cage door, the room door and the equipment.

In the digital age, data risk cannot be prevented entirely. The experience of a large Internet company like Twitter undoubtedly gives us a vivid lesson. Enterprises should choose a data protection scheme that can both strike precisely at specific points and protect comprehensively. Only in this way can enterprises keep the initiative in their own hands and build a line of defense for the value of their data.
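The three isolation properties described for the vault (a replication link that is only up during a scheduled window, copies that cannot be deleted while under retention lock, and a read-write sandbox that never touches the locked copy) can be made concrete with a small model. The following Python is an added illustration, not Dell's Cyber Recovery software or its API; the `Vault` and `LockedCopy` classes, the 02:00-03:00 window, the 14-day retention period and the sample production snapshot are all constructed for the example.

```python
"""Toy model of a logical air gap with retention-locked copies.

Constructed illustration only: it mimics the control flow described for a
Cyber Recovery style vault (a replication link enabled only on a schedule,
immutable copies under a retention lock, and a read-write sandbox for
analysis). It is not Dell's software or API; all names here are invented.
"""
from __future__ import annotations

import copy
from dataclasses import dataclass, field
from datetime import datetime, timedelta


class VaultError(Exception):
    """Raised when an operation violates the vault's isolation or lock rules."""


@dataclass
class LockedCopy:
    copy_id: int
    created: datetime
    lock_until: datetime          # retention lock expiry; no delete before this
    data: dict = field(repr=False)


@dataclass
class Vault:
    # Daily replication window as (start_hour, end_hour) in vault-local time.
    window_start_hour: int
    window_end_hour: int
    retention: timedelta
    copies: list[LockedCopy] = field(default_factory=list)

    def link_enabled(self, now: datetime) -> bool:
        """The replication interface is up only inside the scheduled window."""
        return self.window_start_hour <= now.hour < self.window_end_hour

    def replicate(self, production_snapshot: dict, now: datetime) -> LockedCopy:
        """Pull a copy from production; the copy is retention-locked on arrival.

        Outside the window the link is disabled, so a compromised production
        side has no network path into the vault at all.
        """
        if not self.link_enabled(now):
            raise VaultError("replication link is disabled outside the schedule")
        new = LockedCopy(
            copy_id=len(self.copies) + 1,
            created=now,
            lock_until=now + self.retention,
            data=copy.deepcopy(production_snapshot),  # decouple from the source
        )
        self.copies.append(new)
        return new

    def delete(self, copy_id: int, now: datetime) -> None:
        """Deletion is refused until the retention lock has expired."""
        target = self._get(copy_id)
        if now < target.lock_until:
            raise VaultError(
                f"copy {copy_id} is retention-locked until {target.lock_until:%Y-%m-%d %H:%M}"
            )
        self.copies.remove(target)

    def sandbox(self, copy_id: int) -> dict:
        """Return a writable working copy for analysis and recovery validation.

        Changes made in the sandbox never touch the locked copy.
        """
        return copy.deepcopy(self._get(copy_id).data)

    def _get(self, copy_id: int) -> LockedCopy:
        for c in self.copies:
            if c.copy_id == copy_id:
                return c
        raise VaultError(f"no copy with id {copy_id}")


def demo() -> dict:
    """Walk through one replication cycle and return the observed outcomes."""
    vault = Vault(window_start_hour=2, window_end_hour=3, retention=timedelta(days=14))
    production = {"customers.db": "v1-clean"}   # constructed sample snapshot
    out: dict = {}

    # 02:30: inside the window, replication succeeds and the copy is locked.
    locked = vault.replicate(production, datetime(2020, 8, 1, 2, 30))
    out["replicated"] = locked.data == production

    # 10:00: production is now encrypted by ransomware; the link is down, so
    # the tampered state cannot be pushed into the vault.
    production["customers.db"] = "ENCRYPTED"
    try:
        vault.replicate(production, datetime(2020, 8, 1, 10, 0))
        out["link_blocked"] = False
    except VaultError:
        out["link_blocked"] = True

    # Even with vault credentials, the locked copy cannot be purged early.
    try:
        vault.delete(locked.copy_id, datetime(2020, 8, 5))
        out["delete_blocked"] = False
    except VaultError:
        out["delete_blocked"] = True

    # Analysts work in a sandbox; mutating it leaves the locked copy untouched.
    sb = vault.sandbox(locked.copy_id)
    sb["customers.db"] = "scratch"
    out["sandbox_isolated"] = vault.copies[0].data["customers.db"] == "v1-clean"

    # After the retention period the copy can be cycled out normally.
    vault.delete(locked.copy_id, datetime(2020, 8, 20))
    out["expired_deleted"] = vault.copies == []
    return out


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The point of the model is the order of the checks: the schedule gate is evaluated before any data moves, the retention lock is evaluated before any delete, and the sandbox is a deep copy, so none of the three controls depends on the production side being trustworthy.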