One tweet to rule them all? That’s the way it seemed when the AP’s Twitter account got hacked a few days ago.
And just like that, the Dow dropped 143 points from 14,699 to 14,555. The SEC has noted this as $200-billion drop. Autotrading algorythyms engaged faster than any human could, producing the almost instantaneous plummeting. Fortunately for everyone, within a few minutes the disclaimers started flying.
Prone to Panic?
NBC News observes that this also demonstrates how easily rattled we have become when the topic turns to terrorism, a state that makes this sort of lie less likely to be challenged before being reshared. I think Bob Sullivan makes some excellent observations here:
‘We’re in an environment where we’re sensitive to any news that sounds like terrorism,’ said Art Hogan of Lazard Capital Markets. ‘That makes it that much more believable. That’s the tricky part. When something like AP gets hacked, it becomes reality for a period of time, until it’s not.’
The market’s reaction hints at the our collective fragility right now. In the past, carefully crafted fake press releases or other Internet disinformation has been able to influence individual stocks both up or down.
But a single Tweet sinking the market? It’s just the latest sign that lies now spread on the Internet as fast as computer viruses, and can have just as much impact. Like the false rumors that spread like wildfire during the Boston bombing aftermath, or Hurricane Sandy before that, Twitter’s surge to mainstream popularity — it now boasts 140 million U.S. accounts — has made it an incredible source of on-the-spot information, but also the world’s most powerful rumor-mongering tool.
Of course, we often forget that “social media” are composed of people. That means that while the news is out there you can be also subjected to every barroom discussion, water cooler speculation, and good- or ill-natured prank online. This is one reason I consistently argue that classic journalism needs to continue to be part of the equation, and the journalists (optimally) are the verifiers and the gatekeepers. Snopes and Annenberg’s FactCheck.org will eventually sort it out, but reliable verification in real time is not their forte.
Copy Editors Weren’t Fooled
Arika Okrent is one of my favorite contributors to Mental Floss. She is also editor-at-large at The Week with the eagle eye, who noted a number of signs marking the AP tweet as a fake. A few of the more obvious ones included the following:
- The tweet originated from the Web. All AP tweets are branded “via Social Flow” because of the third-party tool AP uses in-house.
- No period.
- “Explosions” is capitalized for no reason.
See how many you can pick out in the screencap of the original tweet above. There are a total of seven. Check them out in Okrent’s article, “7 ways we could tell the AP tweet was a fake.”
Media Security Needs to Step Up
Most speculation holds to the idea that the AP account was compromised at the password level. No major hacking involved, just the acquisition of a username and password — both often found for free or for sale on “black hat” forums. Someone probably got caught by a phishing email.
Obviously, as the $200-billion bounce just demonstrated, a bit more online security is required. Thankfully it seems some people are aware of that, as USA TODAY reports:
Stephen Ward, director of the Center for Journalism Ethics at the University of Wisconsin-Madison, says a hoax tweet has the potential for far more damage than pocketbooks.
‘It could have had people trampled, real injuries. This is the world we live in now. And in light of this, news organizations have to certainly increase security procedures so that they can’t be hacked easily. […] (If it was phishing that led to this), that is not proper security. They’ve got to review the security procedures. We can’t control non-professionals or individuals using social media. But as news organizations, we have to hold the line here.’
Internet security is usually too lax in most places. Just think about how many work computers you have seen where the password was either “password” or “1234567890.” How many incidents will need to occur before everyone begins to understand the need for decent online security?
Twitter has been criticized over this as it’s one of the few major platforms that has not adopted a two-step verification, an extra layer of security that is standard for Google and Facebook. Unfortunately, this is not the first high-profile corporate account to be hacked in 2013.
In February, Burger King’s account was hacked, and some merry prankster swapped out the company’s logo with a McDonald’s logo before sending out what the company described as “rogue tweets.” One day later Jeep’s corporate account was attacked. CBS News had several of its Twitter accounts compromised just days before the AP tweet.
So, while the FBI and SEC investigate, a lot of people are witnessing the dark side of social media. You can’t let it eclipse the good done by Twitter during times like the tsunami in Japan or Hurricane Sandy, but a wise person must keep both eyes open.