“There were thousands of unsuccessful attempts to gain access to internal systems happening every week, and nobody noticed”, Pieter “Mudge” Zatko says to members of the Senate Judiciary Committee.
Twitter is open to foreign intrusion through the internal channels due to the access that employees are granted to the systems they need, an ex-executive testified before Capitol Hill today.
The former Twitter Security chief Pieter Zatko, also known as Mudge, detailed(Opens in a new window) his concerns to the Senate Judiciary Committee this morning and reiterated that he believes “Twitter’s insecure handling of the personal data of its users as well as its inability or unwillingness honestly communicate issues in its boards of directors and regulators has resulted in real risks to millions of Americans as well as their democratic process, American system of democracy as well as America’s national security.
“Further I am of the opinion that Twitter’s decision to deliberately deceive regulators violates the legal obligations of Twitter and must not be morally acceptable,” he added.
These risks are posed by the company’s inability to spot undesirable actors in its staff. According to Zatko who was employed at Twitter from 2020 until 2022. The company typically only learned that there were Twitter workers who are foreign agents once they were notified of the presence of foreign agents by an external agency such as the FBI.
Twitter “simply didn’t have the capabilities to search for foreign intelligence agencies and then expel them by themselves,” According to Zatko.
Twitter was unable to track down foreign agents due to the fact that they didn’t have central access and logging controls that allowed more employees access to crucial systems with no supervision, Zatko said. This includes information about the people who logged into Twitter as well as what activities they did.
“Later in my time I discovered the number of unsuccessful attempts to connect to internal systems happening every week, and nobody noticed,” Zatko said. “This basic lack of log-in within Twitter is the result of their being so far behind in their infrastructure, and their engineering engineers are not given the opportunity to make changes to improve.”
This creates Twitter an ideal target for foreign governments who are interested in the inside functioning of the social network. In reality, the information was such that the governments that were not allowing foreign agents to join Twitter did not actually performing their duties, Zatko mused.
“Twitter was an organisation that was controlled by risks and crises instead of one that managed risks and crises,” Zatko said. “It would respond to issues to problems too in the last minute.”
Twitter did not respond immediately to a request for comments However, in its earlier announcements, it stated that Zatko was dismissed “for poor leadership and ineffective performance.” Twitter stated that Zatko’s claims are untrue and a “false narrative…riddled with contradictions and inaccuracies, and is devoid of contextual information.”
Zatko’s testimony was made during the time that Twitter shareholders voted today to approve(Opens in new tab) Elon Musk’s buyout proposal, despite the fact that Musk is working to get out of the deal. The dispute will go to trial on October. 17 and one of the elements of Musk’s defense will include Zatko’s whistleblower account.
