{
    "version" : "https://jsonfeed.org/version/1",
    "content" : "news",
    "type" : "single",
    "title" : "Government Must Respond Rapidly to Social Media Hacking |Digital.gov",
    "description": "Government Must Respond Rapidly to Social Media Hacking",
    "home_page_url" : "/preview/gsa/digitalgov.gov/cms/news/2024/07/2024-07-02-case-study-increasing-access-to-required-bankruptcy-meetings/","feed_url" : "/preview/gsa/digitalgov.gov/cms/news/2024/07/2024-07-02-case-study-increasing-access-to-required-bankruptcy-meetings/2013/04/25/government-must-respond-rapidly-to-social-media-hacking/index.json","item" : [
    {"title" :"Government Must Respond Rapidly to Social Media Hacking","summary" : "The hacking of an Associated Press news account on Twitter this week, and its fallout, underscored the need for agencies","date" : "2013-04-25T13:25:31-04:00","date_modified" : "2024-07-05T22:14:24-04:00","authors" : {"jherman" : "Justin Herman"},"topics" : {
        
            "security" : "Security",
            "social-media" : "Social Media"
            },"branch" : "cms/news/2024/07/2024-07-02-case-study-increasing-access-to-required-bankruptcy-meetings",
      "filename" :"2013-04-25-government-must-respond-rapidly-to-social-media-hacking.md",
      
      "filepath" :"news/2013/04/2013-04-25-government-must-respond-rapidly-to-social-media-hacking.md",
      "filepathURL" :"https://github.com/GSA/digitalgov.gov/blob/cms/news/2024/07/2024-07-02-case-study-increasing-access-to-required-bankruptcy-meetings/content/news/2013/04/2013-04-25-government-must-respond-rapidly-to-social-media-hacking.md",
      "editpathURL" :"https://github.com/GSA/digitalgov.gov/edit/cms/news/2024/07/2024-07-02-case-study-increasing-access-to-required-bankruptcy-meetings/content/news/2013/04/2013-04-25-government-must-respond-rapidly-to-social-media-hacking.md","slug" : "government-must-respond-rapidly-to-social-media-hacking","url" : "/preview/gsa/digitalgov.gov/cms/news/2024/07/2024-07-02-case-study-increasing-access-to-required-bankruptcy-meetings/2013/04/25/government-must-respond-rapidly-to-social-media-hacking/","content" :"\u003cp\u003e\n  \u003ca href=\"https://s3.amazonaws.com/digitalgov/_legacy-img/2013/12/Safe-cracker.jpg\"\u003e\u003cdiv class=\"image\"\u003e\n  \u003cimg\n    src=\"https://s3.amazonaws.com/digitalgov/_legacy-img/2013/12/Safe-cracker.jpg\"\n    alt=\"Image of a safe on a mobile phone\"/\u003e\u003c/div\u003e\n\n\u003c/a\u003e\n\u003c/p\u003e\n\u003cp\u003e\n  [\u003cstrong\u003eEditor\u0026#8217;s note:\u003c/strong\u003e \u003cem\u003ePlease watch the Jan. 15 , 2015, webinar on\u003ca href=\"https://www.youtube.com/watch?v=tesgduqeyjI\u0026authuser=0\"\u003e How Government Can Prepare for and Respond to Social Media Hacks.\u003c/a\u003e on our Youtube channel\u003c/em\u003e]\n\u003c/p\u003e\n\u003cp\u003e\n  The hacking of an Associated Press news account on Twitter this week, \u003ca href=\"http://www.nextgov.com/mobile/2013/04/how-twitter-accounts-apsget-hacked/62732/?oref=ng-HPriver\" target=\"_blank\"\u003eand its fallout\u003c/a\u003e, underscored the need for agencies to prepare for similar obstacles. Especially in public service, misinformation from rogue accounts can create damaging impact. Following these steps can help you mitigate the risk of not only rogue posts from your own account, but also respond to rogue posts from outside accounts that could harm your mission.\n\u003c/p\u003e\n\u003cp\u003eThe \u003ca href=\"http://news.yahoo.com/hackers-compromise-ap-twitter-account-173138187--finance.html\" target=\"_blank\"\u003emost recent incident\u003c/a\u003e occurred because of an \u003ca href=\"https://twitter.com/MikeBakerAP/status/326749951960940544\" target=\"_blank\"\u003eemail phishing scam\u003c/a\u003e that could have targeted anyone. There may seem like more opportunities for slip-ups in the fast paced world of social media, but following standard rules will still keep you out of trouble in most cases.\u003c/p\u003e\n\u003cp\u003eIn fact, what’s often blamed on social media hacking is rooted in poor account management: easy-to-guess passwords; passwords that aren’t changed periodically or after staff changes; or lazy device security such as unlocked computers or mobile devices. Luckily it’s often easy for government to prevent “social media hacking” using simple precautions, and regain control of the situation when it does occur.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eProtecting Your Account from Hacking\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eTwitter’s website has\u003ca href=\"https://support.twitter.com/articles/76036-keeping-your-account-secure\" target=\"_blank\"\u003e recommendations for avoiding security pitfalls\u003c/a\u003e you will recognize from many other Internet technologies you use at your agency, including:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse a strong password.\u003c/li\u003e\n\u003cli\u003eUse different passwords for your social media accounts.\u003c/li\u003e\n\u003cli\u003eWatch out for suspicious links, and always make sure you’re on Twitter.com before you enter your login information.\u003c/li\u003e\n\u003cli\u003eNever give your username and password out to untrusted third parties, especially those promising to get you followers or make you money.\u003c/li\u003e\n\u003cli\u003eMake sure your computer and operating system is up-to-date with the most recent patches, upgrades, and anti-virus software.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\n  The bottom line is to use the same common sense you use elsewhere.\n\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eRepairing Your Account After Hacking\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e\n  Let’s say that the damage is already done and you’ve lost control of your Twitter account \u0026#8212; what then? If you follow these steps, you can minimize the trouble caused and get your mission back on track quickly.\n\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003e\u003cstrong\u003eHave a plan ahead of time\u003c/strong\u003e: Don’t wait for the unknown to happen. Make certain your social media strategy has a contingency plan for a compromised account, and that all parties who need to make a decision when it counts are prepared to carry it out quickly and efficiently.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eInform Twitter\u003c/strong\u003e: First fill out a \u003ca href=\"https://support.twitter.com/forms/hacked\" target=\"_blank\"\u003eTwitter support request\u003c/a\u003e for the hacked account. Then \u003ca href=\"https://support.twitter.com/forms/hacked\"\u003eemail the ticket number\u003c/a\u003e to the Center for Excellence in Digital Government so we can pass it along and monitor for widespread incidents. Timing is critical in these initial minutes.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eChange all other social media passwords\u003c/strong\u003e: Even if you think the security breach is limited to the one account, it is prudent to immediately change the passwords of all other social media accounts, as they are often linked. If you find you’re losing control of other accounts, contact those platforms immediately as well.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAlert your followers to hacking\u003c/strong\u003e: If you don’t have access to your account yet, use other accounts to alert your community that a breach occurred. Chances are if rogue tweets are sent to your community they will already suspect something is wrong and this will help prevent the spread of false information. Make sure this is sent within four minutes of the initial breach, at most, and that your strategies and policies allow you to respond quickly when it counts.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDispel rumors\u003c/strong\u003e: Once your account is regained, make a record of the rogue tweets, delete them from your stream, and communicate to your community what happened. Yours won’t be the first account hacked, but citizens rely on you to handle it best.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\n  \u003cstrong\u003eResponding to Rogue Tweets from a Hacked Account\u003c/strong\u003e\n\u003c/p\u003e\n\u003cp\u003e\n  Sometimes the best preparation can’t protect you from misinformation when someone else’s hacked account is spreading misinformation about your agency. Just like when repairing your own account, time is of the essence and citizens need you ready to dispel rumors.\n\u003c/p\u003e\n\u003cblockquote\u003e\n\u003col\u003e\n\u003cli\u003e\u003cstrong\u003eHave a plan ahead of time\u003c/strong\u003e: Again, don’t wait for the unknown to happen: Make sure your agency is ready to respond quickly and effectively.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDispel rumors\u003c/strong\u003e: Once you confirm that the information is in fact false, quickly communicate to your community the correct information. Timing is critical in these initial minutes.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eInform Twitter\u003c/strong\u003e: As the other party may not be aware they are hacked yet, connect with Twitter and let them know your concerns. If there is a security breach, this may help get the wheels in motion sooner to fix the problem.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003eWhile handling a hacked account can be a big fear for agencies, social media also gives you the ability to quickly and efficiently mitigate risk and fallout — if you’re prepared for it. Check out DigitalGov University’s training on cybersecurity and social media, and look forward to more guidance and recommendations as agencies continue to use Twitter to engage with citizens.\u003c/p\u003e\n"}
  ]
}