The official Twitter account of India’s Ministry of Information and Broadcasting (@MIB_India) was compromised on Wednesday morning, Kanchan Gupta, Senior Adviser, MIB, said. The Ministry, however, has now regained control of the account.
The account @Mib_india has been restored. This is for the information of all the followers.
— Ministry of Information and Broadcasting (@MIB_India) January 12, 2022
While the account was compromised, the hackers renamed the account name to Elon Musk and began tweeting random replies, retweets, and malicious links revolving around the Tesla CEO. These have now been deleted.
The latest high-profile account to be compromised
This is not the only high-profile account that has been compromised in recent times and it raises serious questions on how such incidents are taking place despite Twitter having provisions for features like multi-factor authentication:
- PM Narendra Modi’s personal Twitter account: Strangely, exactly a month back, on December 12, Prime Minister Narendra Modi’s personal Twitter handle (@narendramodi), which as over 73 million followers, was “briefly compromised.” The compromised account sent out a tweet falsely declaring that Bitcoin (BTC) had been adopted as legal tender in the country and that the government has bought 500 BTC to be distributed among residents of the country. Following the incident, the Indian Computer Emergency Response System (CERT-In), the national nodal agency for responding to cybersecurity incidents began an investigation.
- Twitter accounts of the Indian Council of World Affairs (ICWA), Indian Medical Association (IMA) and Mann Deshi Mahila Bank (a microfinance bank): On January 3, these Twitter accounts were compromised and renamed as Elon Musk and tweets promoting cryptocurrency were shared. Interestingly, the font used for the name Elon Musk in these three cases were identical to that which was used today on the account of MIB.
- Twitter account of Modi’s personal website: In September 2020, the account of PM Modi’s personal website was compromised when hackers called upon his followers to donate to India’s National Relief Fund through cryptocurrency in a series of tweets.
How to protect your organisation’s social media accounts from hackers?
The United States Cybersecurity and Infrastructure Security Agency (CISA) December 9 released a guide detailing ways to protect the security of organisation-run social media accounts on platforms such as Twitter, Facebook, and Instagram. CISA’s recommendations prescribe the following measures:
- Establish and Maintain a Social Media Policy
- Implement Credential Management
- Enforce Multi-Factor Authentication (MFA)
- Manage Account Privacy Settings
- Use Trusted Devices
- Vet Third-Party Vendors
- Maintain Situational Awareness of Cybersecurity Threats
- Establish an Incident Response Plan
For more details, read our summary of the guide:How To Protect Your Organisation’s Social Media Accounts From Hackers?
- Twitter crypto scam: 130 accounts targeted, 45 hacked, data of 8 users downloaded
- More cybersecurity incidents reported till October this year than whole of 2020: MeitY reveals in Rajya Sabha
- Pakistani Hacker Group Targeted Indian Defence Personnel With ‘Romantic Lures’: Report
- Jio Warns Users Of A Cyber Fraud Through Which Hackers Get Access To Aadhaar, Bank Details
Have something to add? Subscribe to MediaNama here and post your comment.