An NBC News Twitter hack over the weekend has prompted an FBI investigation after miscreants posted messages falsely claiming that terrorists had launched an attack at Ground Zero in New York.
The fake Twitter messages were timed on Sunday to coincide with the 10-year anniversary of the September 11th World Trade Center attacks, while capitalizing on heightened fear and awareness from increased security in New York amid reports of possible terrorist attacks that day.
NBC News issued a statement confirming the hack that was read by news anchor Brian Williams.
“The NBC News Twitter account was hacked late this afternoon and as a result, false reports of a plane attack on ground zero were sent to @NBCNews followers. We are working with Twitter to correct the situation and sincerely apologize for the scare that could have been caused by such a reckless and irresponsible act,” Williams said.
Specifically, the bogus Twitter messages claimed that Flight 4782 was hijacked while Flight 5736 crashed into the site where the Twin Towers had once stood.
“Breaking News! Ground Zero has just been attacked. Flight 5736 has crashed into the site, suspected hijacking, more as the story develops,” read the first message.
The message was followed by another reading, “Flight 4782 is not responding, suspected hijacking. One plane just hit Ground Zero site at 5:47,” before posting a final tweet that read “This is not a joke. Ground Zero has just been attacked. We’re attempting to get reporters on the scene.”
Upon news of the fake tweets, Twitter immediately blocked the NBC News' account.
The phony tweets were followed by an alert from NBC warning users that the site had been hacked.
Vivian Schiller, NBC News’ digital officer, confirmed the hacks over Twitter and warned users to disregard any messages. The postings about a Ground Zero terrorist attack were taken down minutes after they were posted.
“Ignore tweets from @nbcnews till further notice. We’ve been hacked. Do not retweet,” Schiller said via Twitter.
Later that day, NBC News said via Twitter that "Our account is secure and under control. Apologize for the scare. We value your trust.”
The posting on the NBC News Twitter account indicated that the attacks might have been perpetrated by a hacking group called the “Script Kiddies,” who in the past have targeted mainstream news organizations.
In particular, the Script Kiddies have gained notoriety by targeting major media corporations. In July, the same hacker group targeted the Twitter account of Fox news in an attack that issued a false alert that President Barack Obama had become the victim of a fatal shooting in Iowa. That same month the group had also hacked and defaced Pfizer’s Facebook Web page.
The Script Kiddies peeled away from larger global hacker collectives, Anonymous and LulzSec, both of which have made their name by going after high profile governments, corporations and international law enforcement agencies.
Next: NBC News Hack Reminiscent Of Other Cyber AttacksMeanwhile, the recent NBC hack is reminiscent of defacements, perpetrated by members of Anonymous and LulzSec against PBS, which falsely claimed that deceased rapper Tupac Shakur was alive, as well as an attack on The Sun’s web site, bogusly claiming that News Corp. CEO Rupert Murdoch had been found dead in his garden.
Thus far, it’s still unclear whether NBC News’ Twitter account was infiltrated by a phishing attack, via a brute force attack or whether the hackers had determined the Twitter password in order to access the site.
Graham Cluley, senior technology consultant for security firm Sophos, said that the recent NBC News hack indicated that Twitter should bolster security mechanisms .
“Twitter should be applauded for taking such quick action, but isn’t it time that there was better security available to accounts which have a large number of followers, or who, like media organizations, may cause public panics if someone breaks in and starts tweeting false news stories about terrorist attacks?” Cluley said in a blog post Monday.
Cluley said that in particular, he hoped the recent attack would galvanize Twitter to implement an addition layer of authentication, in order to prevent easy access by hackers attempting to deface the account. “I fear that, unless that happens, we will continue to see high profile accounts hacked," said Cluley, "and brands damaged as hackers run rings around them.”