27 September 2023

Twitter security flaws pose a unique threat to nuclear diplomacy

Start the conversation

Corinne Purtill* says that as hackers compromised world leaders’ Twitter accounts, researchers released a report on the risk tweets pose to international conflict, finding that Twitter help an outsized ability to escalate crises and amplify misunderstandings.


When it came time to set a publication date for their report Escalation by Tweet: Managing the new nuclear diplomacy, King’s College London researchers Heather Williams and Alexi Drew settled on the arbitrary date of Wednesday, July 15 to release 18 months’ of research on how Twitter’s format is uniquely positioned to make dangerous global situations exponentially worse.

Their timing turned out to be prescient.

Within hours of the paper’s online publication, Twitter endured the worst security breach in its history.

Hackers seizing the official accounts of Barack Obama, Joe Biden, Elon Musk, Jeff Bezos, Apple, and other high-profile companies and individuals defrauded an estimated $116,000 from unsuspecting users who fell for phony tweets promising to pay them twice the amount deposited at a provided bitcoin wallet address.

Several people on Twitter pointed out that they knew it was a hoax when Bezos, whose philanthropic efforts have lagged behind his fellow multibillionaires, tweeted “I have decided to give back to my community.”

Twitter jumped to action and temporarily blocked all verified users from tweeting or resetting their passwords Wednesday while it worked to restore security.

The company is currently investigating how the breach occurred.

Yet the hours of chaos underscored the King’s College London team’s most key conclusions: because of its global reach, immediacy, informality, and centralised control, Twitter holds an outsized ability to escalate crises and amplify misunderstandings, and it’s far from clear that the company — or any social media company, for that matter — is fully equipped to limit the damage rendered from its platform.

“When I first heard about yesterday’s hack, it was like seeing some of our nightmare scenarios play out,” said co-author Heather Williams, a lecturer at KCL’s Centre for Science and Security Studies and Defence Studies Department.

“What if it had targeted more U.S. officials? Or been designed to start a war? It put a whole new light on our findings about America’s vulnerability to escalation by tweet and disinformation.”

As the authors see it, the features that have fuelled Twitter’s success are the same ones that grant it an alarmingly outsized ability to influence potentially catastrophic global events.

Tweets are disseminated globally, instantaneously, and without an intermediary.

The 280-character limit discourages nuance and encourages informality.

Used responsibly, Twitter can quickly spread useful information directly from verified sources.

In the wrong hands, it can undo years of careful diplomacy in a few blunt and ill-tempered sentences tapped out in an apparent fit of rage.

A poorly worded tweet at the wrong time from a high-profile yet intemperate user — Donald Trump, let’s say — could instigate nuclear conflict.

A fraudulent tweet sent by a malevolent actor determined to cause as much harm as possible could be even worse.

The report highlighted three forms of conflict escalation, all of which can be accelerated on Twitter: deliberate escalation, either through outright threats or an intentional campaign of misinformation; catalytic escalation, in which a third party — the public, bots, government officials, or outside actors — pressures one or both sides to step up their conflict; and inadvertent escalation, in which one or both parties send signals that get misinterpreted by the other side.

Tweets are nothing if not open to misinterpretation, and it’s this latter element that holds the most potential for disaster.

Using the U.S. standoff with Iran in January as a case study, the researchers highlighted how tweets prolonged and escalated tensions.

From Dec. 31 to Jan. 9, Trump, Secretary of State Mike Pompeo, and Secretary of Defense Mark Esper sent a total of 136 tweets, a volley of often contradictory messages that muddied the official U.S. position.

It’s not hard to see why Iran interpreted a series of tweets from the president that began with “Let this serve as a WARNING” as, well, a warning of future violence.

Furthermore, they pointed out, the president appeared not to appreciate that messages he may have intended to convey strength to a domestic audience could be seen and misinterpreted by Iran.

But many of the communication norms that shifted under Trump are not going to change back when he leaves office, the authors said in interviews Thursday.

He is not the only political leader whose posts take an aggressive, confrontational tone.

In January, following Iran’s attacks on U.S. military targets in Iraq in retaliation for the killing of major general Qasem Soleimani, Iranian Supreme Leader Ali Khamenei posted on Instagram a caption that read in part, “They were slapped last night,” under an image of Trump with a red hand-shaped welt superimposed across his face.

In the U.S., curse words in lawmakers’ tweets have shot up exponentially since Trump took office, The Hill found last year.

The more blunt and casually hostile these posts become, the easier it is to accept Twitter as a place where powerful people threaten one another, and the easier it is for a fraudulent threat from a hacker or other bad actor to slip past the guardrails.

Just four short years ago, an oddly capitalized and insult-laced tweet threatening nuclear violence against North Korea would look so out of place among the U.S. president’s Twitter feed that it could be immediately recognised as a hack.

That is no longer the case.

And given that we’ve come to expect the unexpected on social media, a malevolent hacker with better impersonation skills than the ones who took over Bezos’s account yesterday could wreak far greater damage than bitcoin theft.

“If this had actually been done by a state actor, at the right time, this could have been devastating,” said co-author Alexi Drew, a postdoctoral researcher at KCL’s Centre for Science and Security Studies.

Imagine if hackers with control of Biden’s account tweeted on the eve of the election that the Democratic candidate was dropping out of the race, she said.

Twitter is still investigating the breach.

On Wednesday, it tweeted that the hackers appeared to have targeted employees through a “social engineering attack,” such as a phishing scheme, to gain access to sensitive internal systems.

And it’s possible that the worst consequences of the hack haven’t yet come to light.

The relatively small size of the hackers’ haul, compared to the vast scope of the security breach, has many security experts worried that the bitcoin scam was a distraction for far more sensitive information stolen in the hack and that the full damage is yet to be revealed.

With a presidential campaign less than four months away, the best-case scenario is that this hack provides Twitter and other social media companies with a relatively low-stakes wake-up call.

“The blanket shutdown of many verified accounts seemed necessary and is understandable, but it is also a bit ruthless and could be dangerous,” Williams said, with the lockdown of verified users silencing public services like the National Weather Service’s account along with blue-checked chatterers.

The report also recommends that Twitter itself step up efforts to educate users on misinformation on its site.

The stakes couldn’t be higher.

Twitter’s stumbling response Wednesday “makes you wonder what contingencies the company has put into place in the event that it is someday taken over not by greedy Bitcoin con artists, but state-level actors or psychopaths,” journalist Casey Newton wrote Wednesday in The Interface newsletter.

“After today it is no longer unthinkable, if it ever truly was, that someone take over the account of a world leader and attempt to start a nuclear war.”

*Corinne Purtill is a freelance journalist. She can be contacted on Twitter @corinnepurtill and atcorinnepurtill.net

This article first appeared at onezero.medium.com.

Start the conversation

Be among the first to get all the Public Sector and Defence news and views that matter.

Subscribe now and receive the latest news, delivered free to your inbox.

By submitting your email address you are agreeing to Region Group's terms and conditions and privacy policy.