Feds focus on social media ‘hijacking’ after CENTCOM incident
The pro-Islamic State hacking group that took over U.S. Central Command social media accounts last week might not have unearthed classified defense information, but the federal social media community isn’t taking the incident lightly.
Within days of the cyber attack, the General Services Administration’s DigitalGov community hosted a webinar instructing government officials on how to prepare for and respond to “social media hacks,” inviting federal social media managers and representatives from major social media companies to discuss best practices.
While the incident wasn’t a traditional hack — Sajji Hussain, a manager of federal clients for Hootsuite, called it “hijacking” or “cyber vandalism,” because it wasn’t an actual breach of an agency network — federal agencies are growing more dependent on social media platforms and therefore must take this instance seriously.
“[I]t’s not just potentially embarrassing or a laugh that somebody will have in an article,” Justin Herman, the head of GSA’s DigitalGov, said during the webinar. “It’s critical that we maintain public trust in these situations.”
There are more than 5,000 social media accounts connected to the federal government, and more than 1,000 federal officials use those to varying degrees to serve their agency’s mission. But according to Herman, “the largest growth area in the federal government in social media is around using it for customer service.”
For instance, the Education Department’s Federal Student Aid program relies heavily on social media to answer students’ questions. That not only offers customers a more familiar platform for discourse, but the free services also save American taxpayers money.
Elsewhere, agencies like the Federal Emergency Management Administration are posting critical information for American citizens, such as warnings or emergency plans during a disaster, on social media.
“Whether it’s service for student loans or it’s emergency information during an earthquake or a hurricane, these programs can save lives; these programs have an immediate impact on people who rely on them,” Herman said. “Therefore, even more so than the private sector, we have to take a responsibility upon ourselves for that.”
That’s why, when these “hijacks” occur, Herman said it is the responsibility of the agency to respond properly and regain control.
“When an incident does occur, it’s not enough to just get control over your site again and the next day talk about it,” he said. “You must use the same channel that was compromised in order to respond and maintain trust and to let people know your program is viable again.”
And before that, agencies need to have a plan in place for how to respond. A lot of that forward thinking involves an elevated sense of cyber hygiene: the typical strong passwords, two-factor authentication and phishing avoidance. Since the attack on the CENTCOM Twitter and YouTube accounts, Defense Department officials have strengthened the passwords on many social media platforms and distributed a tip sheet of best practices.
Hussain explained just how simple it is for someone to hijack a social media account.
“Just by doing a little bit of social engineering, I can find out a lot about who you are, what your favorite football team is, what your dog’s name is, all that stuff,” he said. “If I go to your agency’s primary Twitter account and I take a look at the list of accounts and individuals that that main account is following, there’s a good chance that you’re following yourself. That kind of social engineering is really simple to do.”
From there, a hacker can view your LinkedIn page, see that you manage social media for a given agency and explore your personal Twitter to find your interests.
With those golden nuggets of personal information, Hussain said, “now I can start guessing what your password is going to be.”
Given recent global cyber attacks, Herman believes that hackers taking advantage of cyber vulnerabilities are going to become even more common. And though social media hijacks aren’t as critical as an agency network hack might be, he said it’s imperative that officials keep in mind the citizens they serve.
“It comes down to the principles of open government, maintaining an active, credible, responsive feedback loop with the citizens who rely on us,” Herman said. “And that means not just preparing, not just regaining control; that means responding, and responding quickly.”