Verdict lists ten of the most popular tweets on cybersecurity in Q4 2020 based on data from GlobalData’s Influencer Platform. The top tweets were chosen from influencers as tracked by GlobalData’s Influencer Platform, which is based on a scientific process that works on pre-defined parameters. Influencers are selected after a deep analysis of the influencer’s relevance, network strength, engagement, and leading discussions on new and emerging trends.

Top tweets on cybersecurity in Q4 2020

1. Andy Greenberg’s tweet on US charging Russian hackers’ group for cyberattacks

Andy Greenberg, senior writer for WIRED, a monthly technology magazine, shared an article about the US Department of Justice formally charging six members of the Russian hackers group, Sandworm, for carrying out dangerous cyberattacks over the past five years.

Sandworm carried out a slew of destructive attacks including the launch of NotPetya worm originating from Ukraine and later spreading across the world causing damages to the tune of $10bn. The group also temporarily damaged the information technology (IT) backend of the Winter Olympics held in South Korea in 2018.

The members indicted by the justice department were confirmed to be the employees of Russia’s Organisation of the Main Intelligence Administration (GRU) military intelligence agency. The charges mark the first indictment of Sandworm hackers at the global level.

Big news: DOJ today unsealed charges against Sandworm, naming the Russian GRU hackers who have for 5 years crossed every red line in cyberwar from blackouts to disrupting the Olympics to unleashing the NotPetya worm that cost $10 billion. https://t.co/2eviueSKT5 < Updates to come

— Andy Greenberg (@a_greenberg) October 19, 2020

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

View profiles in store

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData

Submit

UK USA Afghanistan Åland Islands Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bonaire, Sint Eustatius and Saba Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos Islands Colombia Comoros Congo Democratic Republic of the Congo Cook Islands Costa Rica Côte d"Ivoire Croatia Cuba Curaçao Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea Guinea-Bissau Guyana Haiti Heard Island and McDonald Islands Holy See Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Isle of Man Israel Italy Jamaica Japan Jersey Jordan Kazakhstan Kenya Kiribati North Korea South Korea Kuwait Kyrgyzstan Lao Latvia Lebanon Lesotho Liberia Libyan Arab Jamahiriya Liechtenstein Lithuania Luxembourg Macao Macedonia, The Former Yugoslav Republic of Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia Moldova Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman Pakistan Palau Palestinian Territory Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Réunion Romania Russian Federation Rwanda Saint Helena, Ascension and Tristan da Cunha Saint Kitts and Nevis Saint Lucia Saint Pierre and Miquelon Saint Vincent and The Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia and The South Sandwich Islands Spain Sri Lanka Sudan Suriname Svalbard and Jan Mayen Swaziland Sweden Switzerland Syrian Arab Republic Taiwan Tajikistan Tanzania Thailand Timor-Leste Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates US Minor Outlying Islands Uruguay Uzbekistan Vanuatu Venezuela Vietnam British Virgin Islands US Virgin Islands Wallis and Futuna Western Sahara Yemen Zambia Zimbabwe Kosovo

Industry * Academia & Education Aerospace, Defense & Security Agriculture Asset Management Automotive Banking & Payments Chemicals Construction Consumer Foodservice Government, trade bodies and NGOs Health & Fitness Hospitals & Healthcare HR, Staffing & Recruitment Insurance Investment Banking Legal Services Management Consulting Marketing & Advertising Media & Publishing Medical Devices Mining Oil & Gas Packaging Pharmaceuticals Power & Utilities Private Equity Real Estate Retail Sport Technology Telecom Transportation & Logistics Travel, Tourism & Hospitality Venture Capital

Tick here to opt out of curated industry news, reports, and event updates from Verdict.

Submit and download

Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Username: Andy Greenberg

Twitter handle: @a_greenberg

Retweets: 1,342

Likes: 2,382

2. Mikko Hyponnen’s tweet on hacker attacking a psychotherapy clinic

Miko Hyponnen, a computer security expert, tweeted on a hacker stealing therapist notes of around 40,000 patients from a private psychotherapy clinic in Finland. The attacker who addresses himself as ‘ransom_man’ emailed the details to patients, demanding a ransom of $243 from each of them in Bitcoin.

The hacker manages a Tor site where therapy session notes of 300 patients have already been published. The fact that some of the victims are minors is a cause for serious concern, Miko added.

Highly unusual ransom case underway here in Finland: a private psychotherapy clinic was hacked, and the therapist notes for maybe even 40,000 patients were stolen. Now the attacker has emailed the victims, asking each for 200 € ransom in Bitcoin. #vastaamo

— @mikko (@mikko) October 24, 2020

Username: Mikko Hypponen

Twitter handle: @mikko

Retweets: 851

Likes: 1,692

3. Lorenzon Franceschi Bicchieai’s tweet on Apple paying hackers to detect bugs in their products

Lorenzo Franceschi Bicchierai, senior writer at Motherboard, a technology website, shared an article about Apple paying hackers a whopping $288,500 for tracking down 55 potentially threatening bugs in the company’s products in a span of 90 days. The hackers revealed that they could gain access to Apple’s source code repository, where codes for various applications, iOS and macOS are stored.

The most dangerous bug discovered by hackers had the potential to allow criminals to produce a worm that can easily steal the entire information including documents, videos and photos from an Apple user’s iCloud account and do likewise with the target’s contacts.

NEW: Apple paid five hackers a grand total of $51,500 for finding 55 bugs in three months.

One vuln could have allowed hackers to make a worm that could steal all iCloud data, another allowed the researcher to access an Apple source code repo. https://t.co/xYvKnLVJYA

— Lorenzo Franceschi-Bicchierai (he/him) (@lorenzofb) October 8, 2020

Username: Lorenzo Franceschi Bicchierai

Twitter handle: @lorenzofb

Retweets: 403

Likes: 1,029

4. Kevin Beaumont’s tweet on ransomware attack in Michigan

Kevin Beaumont, senior threat intelligence analyst at Microsoft, tweeted on Mt. Pleasant city in Michigan, US bearing the brunt of a remote ransomware attack. The attack was discovered on the city’s phone and computer systems, but the city’s firewall was not affected.

The Michigan State Police are investigating into the cyberattack and are not considering a ransom payment, as currently there is no evidence of infringement of personal information.

“The city’s firewall remained secure” https://t.co/Fh4vNROzi5

— Kevin Beaumont (@GossiTheDog) October 13, 2020

Username: Kevin Beaumont

Twitter handle: @GossiTheDog

Retweets: 106

Likes: 466

5. Briankrebs’ tweet on US treasury department warning firms against making ransom payments

Briankrebs, an independent investigative journalist, shared an article about the treasury department of US issuing a warning to companies about the repercussions they could face for negotiating with ransomware sharks. The treasury’s Office of Foreign Assets Control (OFAC) announced that payment of ransom to ransomware extortionists could result in hefty fines on businesses, especially if the attackers are already facing economic sanctions.

With financial losses caused by cybercriminals to digital companies increasing steeply over the last few years, the treasury imposed economic sanctions on the attackers by freezing their interests and properties. Firms that go against the OFAC sanctions without holding a treasury ‘license’ could face fines of up to $20m, the article noted.

In an advisory today, The Treasury Dept. warned that companies victimized by ransomware and those that facilitate ransom payments could face steep fines if they end up paying crooks who are already under economic sanctions https://t.co/SEGX42wSSB pic.twitter.com/0voczla1NN

— briankrebs (@briankrebs) October 1, 2020

Username: Briankrebs

Twitter handle: @briankrebs

Retweets: 133

Likes: 192

6. Robert M. Lee’s tweet on OFAC imposing sanctions on Russian government research agency

Robert M. Lee, CEO of Dragons, an industrial cybersecurity company, shared an article on US treasury’s OFAC imposing sanctions on a Russian government research institution for its connection with Triton malware. Triton was exclusively created for targeting and manipulating industrial safety systems, which enable safe stoppage of industrial processes in emergencies at important infrastructure units.

The Triton malware was earlier used against US allies in the Middle East, when the cybercriminals were involved in scanning and probing of US facilities. In the recent years, Russian hackers also targeted international agencies like the Organisation for the Prohibition of Chemical Weapons and the World Anti-Doping Agency.

This style of sanctioning is significant and honestly entirely appropriate against those involved in the first ever cyber attack to intentionally try to kill people in civilian infrastructure. #TRISIS #TRITON https://t.co/dVzAn0kusq

— Robert M. Lee (@RobertMLee) October 23, 2020

Username: Robert M. Lee

Twitter handle: @RobertMLee

Retweets: 60

Likes: 169

7. Thaddeus T. Grugq’s tweet on Microsoft dismantling Russian hacking network

Thaddeus T. Grugq, an information security researcher, shared an article on Microsoft joining forces with various cybersecurity firms to take down Russia’s hacking network, Trickbot, which is the world’s biggest botnet. Trickbot had the potential to disturb the US elections and was responsible for a ransomware attack that locked up systems at hundreds of US hospitals in the past.

The US military also launched cyberattacks on Trickbot recently, but the operation dismantled the hacking network for only 72 hours, whereas the takedown executed by Symantec, ESET, Black Lotus Labs, NTT and FS-ISAC in collaboration with Microsoft could have a long-term effect.

How could the next thing have been elections? Why? Ransomware is financial. Elections generate no money and get countries mad at you. Not everything in cyber is about elections. https://t.co/euldqIOiYN

— thaddeus e. grugq (@thegrugq) October 13, 2020

Username: Thaddeus E. Grugq

Twitter handle: @thegrugq

Retweets: 41

Likes: 167

8. Zack Whittaker’s tweet on governments urging tech companies to reduce security level

Zack Whittaker, security editor at TechCrunch, a tech news website, tweeted on how it is not secure for tech giants to reduce their level of security despite the requests of several international governments.

The governments of the US, UK, Canada, Australia, New Zealand, India and Japan expressed concern over using end-to-end encryption by tech companies, that could make it difficult for countries to detect dangerous information like terrorist attacks and also obstruct police investigation.

The head of UK’s National Cyber Security Centre (NCSC) called for a fair dialogue on the issue but Whittaker differs with the former’s viewpoint as he avers that security experts apprised governments in the past that securing backdoor encryption was not feasible without allowing hackers into the network.

No it doesn't (and not an unexpected take from the former head of NCSC). Cryptographers and security experts have been telling governments for years that there's no secure way to backdoor encryption for law enforcement without giving hackers a way in, but you refused to listen. https://t.co/HEHYCO4w6N

— Zack Whittaker (@zackwhittaker) October 19, 2020

Username: Zack Whittaker

Twitter handle: @zackwhittaker

Retweets: 41

Likes: 116

9. Eric Geller’s tweet on Russia targeting US government and aviation networks

Eric Geller, cybersecurity reporter at POLITICO, a political journalism website, shared an article about different state, local, territorial, and tribal (SLTT) governments in the US and aviation networks being targeted by Russia’s government sponsored advanced persistent threat (APT) actor activity. The US government’s Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released this information in a joint cybersecurity advisory.

The APT actor known by various names in open-source reporting organised a campaign against a wide range of US targets, tried to infringe upon various SLTT agencies and disrupted network infrastructure in the past few months, apart from extracting data from two target servers.

Two new alerts just now from @CISAgov about foreign governments targeting U.S. networks.

First, CISA names Russia as the actor it previously described targeting state & local govt & aviation: https://t.co/oMs6369M4W

The hackers have stolen data from at least 2 victim servers. pic.twitter.com/sNwDuCdSfA

— Eric Geller (@ericgeller) October 22, 2020

Username: Eric Geller

Twitter handle: @ericgeller

Retweets: 60

Likes: 87

10. Troy Hunt’s tweet on hacking of Trump’s twitter account for the second time

Troy Hunt, a web security consultant, shared an article on former US President Donald Trump’s twitter account being hacked for the second time in October 2020. Three Dutch hackers had previously accessed Trump’s twitter account in the run up to US presidential elections in 2016.

The article noted that the official twitter account of the President of The United States (POTUS) not having two-factor authentication enabled is very shocking and exposed the lackadaisical approach on the account handlers’ part, as the social networking site mandates authentication process for verified accounts.

Trump’s account was unaffected in July 2020’s Twitter hack, when accounts of former president Barack Obama and the current US President Joe Biden were compromised.

Wow, nice one ⁦@0xDUDE 😎⁩ “How Trump’s Twitter account was hacked – again” https://t.co/BGV4hm1gYH

— Troy Hunt (@troyhunt) October 22, 2020

Username: Troy Hunt

Twitter handle: @troyhunt

Retweets: 12

Likes: 78