Recent Blogs

What Twitter’s Takeover Means for Cybersecurity

7 November 2022

It’s official– Elon Musk is the new CEO of Twitter. After weeks of back-and-forths and legal battles, it’s reported that the acquisition cost the billionaire $54.20 per share or $44 billion. Now that Musk owns Twitter, he’s already begun making sweeping changes to the company with plenty more planned for the future.

He’s fired senior Twitter executives and employees (only to recall “essential” ones), vowed to reinstate banned accounts such as former President Donald Trump, and announced he’ll find new ways to make the business profitable (e.g. charging a subscription for verification blue check marks).

However, there are two proposed changes that could have profound impacts on the state of cybersecurity as a whole.

First, Must says he wants to increase confidence in the platform by making it open source. Second, he plans to “defeat spambots or die trying” using a human verification process.

In this article, we will explore what these two changes– if implemented– could mean for the world of cybersecurity and how they could affect the future of social media as a whole.

Could this be the move that saves us from spambots, misinformation, and conspiracy theories? Or will it spell the end for Twitter? Let’s dive in and see what experts have to say about the situation.

An Open-Source Twitter

Twitter has had its fair share of controversy. Twitter has been accused of being used by bad actors to spread misinformation and “fake news.” What’s worse, research has found that these stories spread faster and further than true, legitimate news. Then in mid-2020, a security breach caused several high-profile Twitter accounts– Kylie Jenner, Jeff Bezos, Barack Obama, and even Elon Musk– to be hijacked to promote a cryptocurrency scam.

Musk believes that making the algorithm for Twitter open-source will make it more trustworthy. However, many experts in the cybersecurity industry believe that making Twitter open-source could have unintended consequences.

When speaking with TechCrunch, Jamie Moles from Extrahop said, “s with any widely adopted open source code, there are significant security implications. As we’ve seen with Log4Shell and Spring4Shell, vulnerabilities in widely used open-source applications are exponentially more valuable. Making its code open source may increase transparency for Twitter users, but it may also make Twitter a much bigger target for attackers.”

It could also backfire and give bad actors insight into how the platform works to promote content to make their misinformation campaigns more effective and make it easier for them to train bots to game the platform.

Although cybersecurity experts debate the move, many feel the cons outweigh the pros. Simply because revealing the code for the algorithms doesn’t tell us how it was developed, how the decisions are evaluated, and what elements are prioritised during the process. Making Twitter open-source will do very little in terms of transparency. However, it will open the door for more serious security issues.

The Fight Against Bots

Musk’s second directive is “defeating” spambots by “authenticating all humans.” Of course, his tweet didn’t go into details of what that would exactly entail. However, many believe it’s either upgrading the current Twitter verification system or implementing an identification process which requires users to upload an ID or other documentation to prove their identity.

Many cybersecurity experts and privacy advocates sounded the alarm at this news. However, removing pseudonymity and anonymity isn’t the only way Musk could win his war against spambots. He could use technology to his advantage if he and his team could develop more advanced algorithms that could weed out, detect, and remove these accounts before they get a foothold. 

Many spambots use machine learning and AI to accurately come across as real accounts, which makes them difficult for real humans to spot. While a lot of these accounts are used to spread “fake news” and disinformation, bad actors have also used these accounts to spam, distribute viruses such as ransomware, and scam people out of their hard-earned money. But AI trained to find AI could pick up on idiosyncrasies we would otherwise miss.

A system like this could transform the internet for the good, where there’s been so much division caused by outside manipulation.

Is It the Right Move?

Now that Musk is officially Twitter’s owner, we can assume he will go ahead with his plans to reform the platform. But are these the right moves to take?

At the moment, it’s hard to tell but there are some that believe it will be for the greater good. The Founder of Bugcrowd, Casey Ellis, spoke with Security Magazine where he expressed that he’s looking forward to seeing under the hood of social media platforms to learn how they use algorithms such as AI and machine learning to “shape popular thought,” how they’re used as weapons against the populace, the effects they have on society at large, and what we can do better prepare and defend ourselves going forward.

Ellis believes “n increase in transparency around the mechanics of ‘how we all perceive what is true’ is fundamentally a good thing if Musk follows through on these aspects of what he has committed around the purchase. The one thing I’m absolutely sure of is that it’ll be an interesting ride, regardless of how it plays out.”

Conclusion

Although Musk believes an open-source Twitter will increase trust and that he could destroy spambots, many cybersecurity experts believe things won’t go as well as he plans. In fact, it could have the opposite effect and open Twitter up to more vulnerabilities and exploits. However, there’s no denying that something needs to be done to restore faith in platforms like Twitter and address the growing problem of harmful misinformation and conspiracy theories–

But to Twitter’s credit, this is an issue they’ve been actively addressing for many years where they’ve removed millions of flagged accounts.

And while there are plenty of people wary of Musk’s upcoming changes, there are some still in his corner and believe he has the answer (or will, at least, find it soon). The chair of the Senate Intelligence Committee, Sen. Mark Warner, recently tweeted:

“Twitter has been more forward-leaning than many of its competitors in its effort to tackle false, deceptive and manipulated content… It is my hope that Elon Musk works in good faith to keep these necessary reforms in place and prevent a backslide that is harmful to democracy and to the discourse that takes place on Twitter across the world every day.”

If Musk is able to create a system that can effectively and efficiently detect spambots, it will be a significant win for the cybersecurity world as a whole. On the other hand, if he goes forward with an open-source Twitter, it could have severe ramifications such as an influx of malware, scams, and give bad actors the ammo they need to devise more sophisticated attacks.

The only thing we can do right now is wait and see how it all unfolds.

If you need any support with any aspects of your cyber security, head to our website for full details of the services we offer including anti-spam and anti-virus software, advanced firewalls and disaster recovery plans.