Feeling Vulnerable

I wake up at 2 a.m. from nightmares of our @ccuchanticleers Twitter account getting hacked. For any social media professional, the thought of an account under our watch being compromised is downright scary. We change passwords frequently, utilize multi-factor authentication, and stay up to date with cybersecurity best practices but we never know if it will be enough.

NEWS FLASH: It isn’t.

Over the past several days, twitter accounts from half of the teams in the NFL and multiple ESPN-affiliated accounts (including @ESPN) have fallen victim to hacks. Hello!? How could social media heavyweights like @Packers and @Sportscenter get hacked? With mega followings and A LOT of money invested into their social presences, shouldn’t they invest in protection that wouldn’t make them susceptible to such breaches?

These are the types of tweets the hacked NFL Twitter accounts sent out after they were compromised.

But this is where it gets even scarier. They do. Don’t kid yourself, these teams and brands are set up to thwart hacking attempts. They know full well the negative impact of someone else broadcasting random tweets to their millions of followers. The somber reality is that certain hackers are simply ahead of this cat and mouse game.

A hacker group called OurMine is currently causing the carnage. They have successfully managed to infiltrate the security provisions of highly popular accounts and take over. This is no fluke, folks. You don’t gain control of Twitter handles from the NFL, UFC, and ESPN by getting lucky; rather, you have to be damn good at what you do.

How much would this suck to happen to your Twitter account?

Of course the ramification we have to look at first is how hackers could impact the lives and well-being of millions of people. Instead of hacking the account of a football team, what if OurMine hacks @CNN or @DeptOfDefense? Could you imagine the panic that would be caused if they decided to drop their self-promoting-white hat hacking “help us improve your account security” garbage and instead tweeted something about a bogus impending nuclear attack? It would be pandemonium.

The much minor ramification is the impact that groups like OurMine have on my mental health. Obviously the accounts I manage are free for the taking. What happens if one day OurMine decides it wants to terrorize the social media accounts of a medium-sized liberal arts college as opposed to those of the Worldwide Leader in Sports? Yikes!

Sometimes we can’t obsess over the “what ifs?” Instead of beating myself up over the possibility, I need to tighten my plan of how we would react and regain control of our accounts if the catastrophic ever did happen. By no means are the accounts we run invincible. Aside from doing the absolute most to secure our accounts and plan for an actual hacking, we can cross our fingers that the social media channels themselves are going to do all they can to regain the upper hand over hackers. Don’t Blink.