Twitter hack spotlights disinformation fears as U.S. election looms

Washington – The hijacking of several prominent Twitter accounts, including that of presumptive Democratic U.S. presidential nominee Joe Biden, has again raised questions about the company’s ability to combat disinformation on its platform and rekindled concerns about potential election interference with the November U.S. election just four months away.

Twitter Inc. and other social media sites such as Facebook Inc. were already facing scrutiny over their ability and willingness to protect the integrity of the democratic process and avoid a repeat of 2016, when Russia spread disinformation in efforts to bolster Donald Trump’s candidacy.

That pressure increased on Wednesday as Biden, Barack Obama, Jeff Bezos, Bill Gates, Warren Buffett and Elon Musk were among the prominent political and business leaders whose accounts were exploited to send out tweets in an apparently coordinated effort to promote a cryptocurrency scam.

“What happened today should be a red flag in terms of the huge amounts of disinformation that are already rife in this election and it’s only going to get worse,” said Meredith McGehee executive director of Issue One, a nonprofit focused on political reforms. “When you’re going after presidential candidates and the richest men in the world, it’s a display of their vulnerability.”

Lawmakers were swift to call for the company to answer questions or for the U.S. to bolster its cybersecurity position.

Democratic Rep. Frank Pallone of New Jersey, who chairs the House Energy and Commerce Committee that oversees much of U.S. technology policy, said in a tweet that Twitter “needs to explain how all of these prominent accounts were hacked.” Democratic Rep. Carolyn Maloney of New York, who chairs the Oversight Committee, sent out a release noting she had just held a hearing on creating a national cyber director for the U.S.

Republican Sen. Josh Hawley of Missouri, a vocal tech critic who has backed Trump on accusations that the largest social media platforms have tried to silence conservative voices, wrote a letter to Twitter Chief Executive Officer Jack Dorsey within minutes of the hack.

He urged Dorsey to get in touch with the U.S. Justice Department and FBI to secure the site, and asked about potential data theft and whether the breach affected select users or the security of the platform overall.

Verified accounts such as Pallone’s and those of other members of Congress had trouble posting Wednesday evening as the company locked them down in a seeming effort to stop the unfolding scam, while Hawley’s spokeswoman, whose account does not have a blue check mark, had to tweet his letter.

Who hacked Twitter and how are certainly the company’s greatest immediate concerns. But until Wednesday’s episode, users could take for granted that verified account holders were indeed who they claimed to be. And that the messaging from those accounts was, if nothing else, authentically sourced.

That sense of trust may have been altered during a five-hour window when some of Twitter’s highest-profile accounts were commandeered by an intruder, said Laura Galante, founder of the cyber research firm Galante Strategies.

“What’s really important now are the parameters Twitter sets to disclose these incidents to the public,” she said. “And how are you going to verify swiftly that a tweet is fake and an account has been hacked. That’s something they need to figure out now.”

It’s true that voters checking Twitter may be swift to recognize false statements from Biden, Trump and other high-profile figures — or the media will identify those statements with urgency. Yet the credibility of accounts really becomes an issue at the state and local level.

“Who will notice right away if local election administrators’ accounts are hacked and used to peddle misinformation about how to vote or where?” said Darren Linvill, a professor and disinformation researcher at Clemson University. “That’s the kind of threat that can be long lasting. Even if it’s just a day, if that day is Election Day then there’s more than enough time to do damage.”

Experts had bigger worries than a cryptocurrency scam following Russia’s use of fake personas in 2016 to promote false news, sow division and suppress Democratic votes. Yet lawmakers, cybersecurity researchers and good-government advocates have spent the ensuing years warning that disinformation’s tendency to spread quickly on Twitter could be a threat to the election as well as to public health amid the coronavirus pandemic.

They cited not just the actions of foreign nations but domestic operatives including official campaigns, with Trump showing an eagerness to spread falsities, using tools ranging from lies to manipulated videos.

The calls seemed to have moved Dorsey, whose company’s smaller size relative to Facebook or Alphabet Inc.’s YouTube means it must rely more on algorithms than humans, to enforce policies that ban manipulating elections and other forms of disinformation.

In October, he announced Twitter would ban political ads on the platform even as Democrats complained that Trump was spreading lies about Biden on Facebook unchallenged.

In May, Twitter fact-checked Trump’s false claims about mail-in voting, prompting the White House to issue an executive order aimed at curbing liability protections for social media services. The company has since then flagged one Trump tweet for violating its policies on glorifying violence and continued to take a more active role in monitoring his tweets.