Fox, NBC and USA Today – Who’s the Next Script Kiddies Target?

Share Your Thoughts: Facebooktwitterlinkedin

Social Media Safety and Risk Management

By Karen Masullo, EVP Social Media, Firestorm

Summary: USAToday’s Twitter account became the latest victim of the hacking group Script Kiddies: Unlike previous Script Kiddies hacks however, the USA Today effort apparently did not include tweets with fake news stories. Instead, the group boasted about previous hacks and encouraged people to “like” them on Facebook.

You may recall we discussed a breach of the FoxNews Politics Twitter account by the Script Kiddies Hackers over the 2011 July 4th weekend.

Next, NBC News found itself victim of a tasteless attack via its Twitter account on September 9th of this year. The NBC News hacks read:

Breaking News! Ground Zero has just been attacked. Flight 5736 has crashed into the site, suspected hijacking…more as the story develops


Flight 4782 is not responding, suspected hijacking. One plane just hit Ground Zero site at 5:47,” the hackers wrote in a second tweet before posting, “This is not a joke. Ground Zero has just been attacked. We’re attempting to get reporters on the scene.

In the Fox Twitter account hack, the offending messages were left “live” on the account for more than 12 hours – many suspected this was to allow the FBI and others to investigate but this was never confirmed, and that in itself created negative messaging.

In the NBC attack, due to solid oversight and communication by NBC’s Marketing Director Ryan Osborn, the issue was spotted and reported within 3 minutes, and removed within 8. Moreover, NBC used its hundreds of thousands of followers to act as brand advocates and reach out to the Twitter community en masse to alert users to the hack.

According to MSNBC, Twitter blocked the NBC account within eight minutes of being notified of the fake tweets and found that it was executed via an email hack rather than a breach of Twitter’s systems.

NBC kept its followers informed and the company later tweeted: “Our account is secure and under control. Apologize for the scare. We value your trust.” It also thanked people for “spreading the word and not sharing bad information.”

The MSNBC report goes on to say that Ryan Osborn, NBC News’s director of social media, could have been sent a spyware Trojan horse that grabbed passwords as they were typed at the keyboard.

Osborn says that he recently received a suspicious email as Hurricane Irene approached New York. The email had the following characteristics:

Hurricane Alert


Message body:
Ryan, You need to get off TWITTER immediately and protect your family from the hurricane. That is an order.

Osborn wrote back to saying  “I’m sorry. Who is this?” and got the reply “I’m the girl next door”, with a file attached.

Osborn says that when he opened the attachment it contained an image of a Christmas tree.

The supposition is that the Trojan horse installed a keylogger on Osborn’s computer and was then able to gain unauthorized access to NBC News’s Twitter account.

According to who originally interviewed a purported member of the Script Kiddies hacker group after the FoxNews attack:

“In the months since Fox News was hacked, The Script Kiddies have carried out several smaller scale hacks, mostly against corporations, and almost entirely targeted to social media platforms. Pfizer, McAfee and Verizon all had Facebook pages hacked by The Script Kiddies in the last two months, though the extent of the damage never extended beyond a few tweaks to profile information and a few self-congratulatory wall posts.

The Script Kiddies’ preference for social media sites may relate to the relative ease of breaking into Twitter accounts and Facebook pages.

At news organizations like NBC News or Fox News, often interns or low-level employees are given broad access to social media sites like Twitter.’

And while NBC News reported that only three senior executives at the company had access to their main account, the Script Kiddies representative said that there were gaping holes in NBC’s online security.”

USAToday’s Twitter account became the latest victim: Unlike previous Script Kiddies hacks, however, the USA Today effort apparently did not include tweets with fake news stories. Instead, the group boasted about previous hacks and encouraged people to “like” them on Facebook.

The Script Kiddies, an offshoot of the hacker group Associated, boasted on their Facebook page:

“Just Hacked USAToday and made a new Facebook fan page, lost access to the last one.”

As cautioned by Security Experts Sophos:

“It’s unclear how the USA Today Twitter account was compromised, but there was speculation that the hack was assisted by a spyware Trojan horse.  As always, Sophos recommends that social networking users ensure that they keep their security software up-to-date, choose hard-to-crack passwords and never use the same password in more than one place.”

Please keep in mind, social media management is a sophisticated process requiring a seasoned, well-monitored and managed approach. Senior Leadership must be a part of the process; the biggest risk lies not in using social media, but in using it unwisely.

Firestorm’s Business Social Media Safety Tips:



    1. Alert your IT Group immediately if you suspect a hack or breach.




    1. Scan attached files from know senders if your Virus protection program does not do this automatically.


    1. Use extreme caution when you click links that you receive in messages on social websites.


    1. Know what you’ve posted about yourself and use custom password reminder questions, not publicly available information.


    1. Own your company Brand(s) and monitor.


    1. Do not allow social networking services to scan your email address book to “find your friends.”


    1. Type the address of social networking sites directly into your browser or use your personal bookmarks; do not click unknown or shortened links from messages and email.


    1. Choose your social network carefully and be selective about who you accept as a friend on a social network. A little research goes a long way.


    1. Assume that everything you put on a social networking site is permanent and that your mother (and your boss) will read it.


    1. Be careful about installing extras or allowing unknown or new sites to connect accounts and share information.


    1. Train yourself and employees on safe social media management. Have a custom policy that fits your organization and corporate culture.


    1. Use anti-virus and anti-malware software and regularly install security updates for your browser and operating security system.


    1. Use strong passwords and don’t share them with anyone. Do not use the same password for multiple sites. EVER.


    1. Protect your mobile devices.


    1. Avoid using one tool to manage personal and business accounts. Keep business tools separate.


  1. Assure key senior leaders in company have access to social accounts in an emergency.

What to do if you believe your Social Media Account has been hacked:

On Twitter:

On Facebook:

On LinkedIn:

Questions?  Comments? Have you been hacked?

Share Your Thoughts: Facebooktwitterlinkedin