Trump's Twitter Account Hacked...Again?
NOTE: Between The Hacks is a technology blog. We respect everyone’s right to their own political views and will address only the technical aspects of this topic in an effort to make people more aware of cybersecurity risks and defense measures.
Trump’s Statements on Hacking
At a campaign rally in Tuscon, AZ on Monday, Donald Trump stated, “Nobody gets hacked. To get hacked, you need somebody with 197 IQ and he needs about 15 percent of your password.” The video quickly spread across the cybersecurity social media circles and generated a lot of attention. Today, Between The Hacks will dissect Trump’s statements, touch on some related news about a possible hack of Trump’s Twitter account, and share a few basic tips on how to secure your social media accounts.
Let’s break down these statements.
“Nobody gets hacked” - This statement is obviously not true. To be fair, this may have been a hyperbolic statement but he should know better than to say this since Trump’s hotel chain was hacked twice.
“To get hacked, you need somebody with 197 IQ…” - While most people recognize that the “very superior” level of an IQ score starts at 130, it is possible to score 197 and even over 200. However, this statement is feeding into the incorrect stereotype that all hackers are geniuses.
“…and he needs about 15 percent of your password.” - First, not all hackers are male, in fact, some of the best hackers are women. Additionally, Trump’s statement shows a lack of understanding about how passwords are stored and cracked. Unlike in the movies, passwords are not cracked one character at a time. Passwords are typically turned into a hash value and stored on a system so that when a user attempts to log in, the password they type is hashed, then compared to the hash that is stored on the system. I won’t get deep in the weeds here, but you can read more about password hashing in this BTH blog.
Trump’s Twitter Account Hacked?
On a similar topic, a Dutch researcher claims to have guessed Trump’s Twitter password last week. According to a Dutch article on the topic, surprisingly, the President of the United States does not use multi-factor authentication (MFA) on his Twitter account and his password was easily guessed by the Dutch researcher in just a few attempts. The researcher claims that Trump’s Twitter password was “maga2020!”.
Yesterday, the White House denied claims that the President’s Twitter account was compromised. According to The Verge, a Twitter spokesperson stated, “We’ve seen no evidence to corroborate this claim, including from the article published in the Netherlands today.” White House deputy press secretary Judd Deere also denied the report. “This is absolutely not true, but we don’t comment on security procedures around the President’s social media accounts.”
What Can You Do?
Regardless of what happened, here are some takeaways:
Anyone can be hacked.
Anyone can be a hacker. You do not have to have an IQ of 197, you do not have to have a college education, and you certainly don’t need to be male.
To reduce your risk of your social media account being hacked, follow these three steps: