The biggest news to hit the tech world on Tuesday was a non-event: the Associated Press’s Twitter account was hacked and sent out the following tweet:
The AP said that the tweet came after hackers “made repeated attempts to steal the passwords of AP journalists,” which was (clearly) ultimately successful.
The response to the tweet was immediate and massive. It quickly picked up thousands of retweets and favorites before the @AP Twitter handle was suspended until it could be restored. The AP’s other Twitter handles, like @APStylebook and @AP_CorpComm quickly went into damage control mode, letting everyone know that the account was hacked, the report was false and they’d have further news and updates about the status of the main account in the coming hours.
There were instant repercussions to the hack. The Dow dropped more than 100 points immediately following the tweet (it has since recovered), and White House spokesman Jay Carney had to tell reporters that Obama was okay: “I can say that the president is fine,” Carney said. “I was just with him.”
It’s amazing that this all could have been prevented if Twitter had two-step verification.
What is Two-Step Verification?
You may remember that last summer, Mat Honan of Wired had his online life obliterated by a hacker. Honan viciously attacked Amazon and Apple’s lacking security procedures and emphasized how important it was that we should all have two-step verification on our accounts.
Two-step verification is an extremely simple idea. When you sign onto a device for the first time – a laptop, an iDevice, whatever – you’ll need to provide a code along with your user name and password. The code is usually a number that will be sent to your phone via text or phone call.
Even though I’m a nobody (especially in comparison to a major tech site’s writer or the Associated Press), I set up two-step verification on both of my Google accounts the day Honan got hacked. Google’s had the process set up for a long time, and it’s something I should have done a lot sooner. When I sign onto a new computer, Google texts me a six-digit number that I have to enter. Don’t have the number? Sorry, can’t access the account! It’s a minor inconvenience, but it’s worth it for that extra layer of security.
What Are You Waiting For, Twitter?
It’s mind-boggling that Twitter doesn’t have two-step verification yet. Tech sites have been criticizing Twitter about it for months now, as it’s the simplest way to prevent further hacks from happening. Even Microsoft, which always seems to be late to the party when it comes to tech, recently added two-step verification.
Seriously, Twitter, what are you waiting for? When @BurgerKing was hacked to make it look like the account suddenly endorsed chief rival McDonald’s, it was a relatively harmless crime. A few laughs were had and the account picked up over 60,000 new followers.
But now we have a hack that impacted world financials and made it seem like the President was injured (or worse). How much more severe will the next hack be? I don’t want to find out.