Why are hackers breaking into politicians’ accounts and liking single tweets?
- 13 December, 2017 14:08
Ambassador of Australia to the United States Joe Hockey is the latest politician to cry ‘hack’ after his Twitter account on Monday liked a tweet which called Prime Minister Malcolm Turnbull a “cranky prick”.
Turnbull - wow. Showing what a cranky prick everyone who has worked with him says he is #qanda— Stephen Koukoulas (@TheKouk) December 11, 2017
Hockey later claimed that “it looks like I have been hacked” and that the Australian Federal Police was now investigating.
Don’t get too excited. It looks like I have been hacked.AFP now investigating.— Joe Hockey (@JoeHockey) December 11, 2017
Accidentally liking a tweet while scrolling a hashtag or timeline is all too familiar to anyone who has ever used Twitter on a mobile device. It’s very easily done.
One can easily imagine Hockey – or an aide with account access – watching Turnbull on the ABC’s Q&A on Monday while scrolling through Twitter then accidentally liking the above tweet which appeared top of the #QandA hashtag’s ‘Most Popular’ timeline for most of the programme. Maybe one of Hockey’s communications assistants liked the tweet while logged in to the wrong account.
But no, as it went according to Hockey, a malicious hacker somehow accessed or guessed his password, and presented with the opportunity to cause major mischief – perhaps destroying Australian American relations by firing off a rude tweet to Donald Trump or sparking chaos domestically with an explosive titbit about George Brandis and the Bell Group – instead decided to like a single tweet about Turnbull’s Q&A performance. And then stop, presumably doubled over, cackling maniacally and unable to continue.
Hockey quickly cried ‘hack’ and said the AFP was investigating. That much at least is partly true.
The AFP confirmed to CIO Australia that it had been contacted by Hockey “in relation to the alleged unauthorised access of his Twitter account”.
Yes, according to the police, Hockey really did call them about it.
However, the AFP has “not yet received a formal referral regarding this matter”. To proceed with further investigation, the AFP needs to receive a letter or email from an Australian Government department or agency – in Hockey’s case the Department of Foreign Affairs and Trade – if it believes a law has been broken.
“Should a formal referral be received, an evaluation will be conducted in accordance with standard procedures,” a spokesperson for the AFP added.
I like porn
Hockey’s ‘hack’ follows Health Minister Greg Hunt’s account last week liking a saucy tweet by an explicit poster.
Like Hockey, Hunt quickly cried ‘hack’ too. A spokesperson for Hunt told The Australian the minister had notified police as soon as he was aware of his account being “clearly hacked”.
The AFP told CIO Australia that they had “not yet received a formal referral regarding this matter”.
The Hunt ‘hack’ incident follows one last month involving Defence Industry Minister Christopher Pyne, whose account, on the eve of the marriage equality survey result, liked another pornography tweet.
I was hacked overnight! I was at 2am. Someone tried to hack my social media yesterday. Maybe they are making mischief over the plebiscite?— Christopher Pyne (@cpyne) November 15, 2017
Pyne too claimed he had been “hacked”, although didn’t call in the police to investigate. Pyne suggested there was a personal campaign against him, saying “It don’t think it was designed to hurt, I think it was designed to be embarrassing”.
In September, the “official Twitter account of the Australian Border Force Commissioner” Roman Quaedvlieg liked a porn clip posted by @LadyMystique_01 containing a lewd caption.
The department later told the Daily Mail it was investigating the matter.
According to Twitter, account activity such as seeing likes you didn’t make, is a good sign an account has been compromised. How does this happen?
“Accounts may become compromised if you've entrusted your username and password to a malicious third-party application or website, if your Twitter account is vulnerable due to a weak password, if viruses or malware on your computer are collecting passwords, or if you're on a compromised network,” the site advises.
If any of those possibilities is true for Hockey, Hunt or Pyne, the implications are serious. Potentially malicious outsiders have access to more than just their Twitter accounts.
That may have been the thinking of former Liberal senator Cory Bernardi who after Pyne’s porn tweet like called for an investigation on national security grounds.
The suggestion was initially considered by Labor, but the party later decided not to pursue the matter.
Before dialling 000, users can, by the way, quickly check if there's been suspicious activity on their accounts:
Just FYI, it's actually very easy to see if your Twitter account has been accessed. "Settings and privacy" > "Your Twitter data" > "Account access history". Investigation over. Ping @AusFedPolice. pic.twitter.com/H5TZ1GmPeB— Fergus Hunter (@fergushunter) December 12, 2017
Maybe a very talented hacker is playing the long game. There is a school of thought that minor disruption – such as, for example, the occasional liked tweet – is better at creating mistrust than a major incident would.
On a side note, in discussions about information operations I’ve been involved with over the years, creating only occasional glitches, like liking the odd tweet, were seen as more effective at creating mistrust and chaos than sustained and “obvious” disruptions.— Stilgherrian (@stilgherrian) December 11, 2017
Or maybe – as Occam’s Razor would suggest – the tweets were liked by Hockey, Hunt and Pyne by accident.
In Hunt and Pyne’s case, just maybe they were using Twitter to access pornography because such sites are blocked on their work computers.
If Hockey, Hunt or Pyne are crying ‘hack’ to cover an embarrassing slip of the thumb, and then calling in the AFP to investigate to bolster the lie, it represents a huge waste of taxpayer’s money and police resources.
Few are buying it.
Sometimes when I scroll through Twitter I accidentally hit "like". If you quickly unlike it is as if it never happened. No need for silly lies about "hacking".— Kristeen Peake (@teenyllama) December 12, 2017
Hacked? Or are you just hacked off Joe? We are all now finding it a little inconceivable that 3 separate MPs Twitter have been hacked for porn now a twitter snafu. Are the AFP going to have any time for REAL investigations when the chasing the LNP twitter hacker.— Richard Hargreaves (@RickHargreaves) December 11, 2017
I really hope if I get "hacked" one day it'll be by one of these "get in, like one and only one tweet and get out" hackers.— Lashan (@LashanStuff) December 13, 2017
The original Twitter porn-liker at least partly ‘fessed up. When Conservative Republican politician Ted Cruz’s Twitter account liked a tweet from the account @SexuallPosts which featured a two minute porn clip, he didn’t cry ‘hack’ or call the police. Although he did blame an unnamed staffer.
“It was an honest mistake,” he told CNN.