In an important reminder that none of us are immune to the exploits of cyber-criminals, hackers recently took over the Twitter account of Russian Prime Minister Dmitry Medvedev, @MedvedevRussa, announcing the leader's "resignation" on the social media site.
"I'm resigning," read one of the tweets, stating that Medvedev planned to leave his work in politics to become a freelance photographer. "I'm ashamed of the government's actions. Forgive me."
The hackers flooded Medvedev's 2.5 million Twitter followers with messages that also criticized Russia's recent annexation of Crimea, which previously belonged to Ukraine. At the time, the prime minister was on a diplomatic visit to the region. The hackers also sent tweets that questioned the decisions of Russian president Vladimir Putin, who Medvedev strongly supports.
"I've wanted to say this for a long time," said one tweet, which addressed the president by a childhood nickname. "Vova, you're wrong!"
Yet another series of messages criticized a recent decision to ban certain food items imported from countries that have imposed sanctions on Russia.
The attack happened the morning of August 14. The prime minister was able to regain control of his account about an hour after the hackers took it. The fake tweets were deleted, and Medvedev has not posted any new public messages since.
Medvedev is well known for his love of technology and social media, and is presumed to be fairly savvy when it comes to cyber security. He reportedly created his account during a visit to Twitter's headquarters in Silicon Valley several years ago. However, as we saw, even Medvedev's online account was not sufficiently secure.
A Russian hacking group called Shaltay Boltay appeared to claim responsibility for the attack on its Twitter page. The hackers have previously garnered the attention of government officials in the past, when they released emails they claimed came from both Medvedev and one of his former aides. The group also tweeted pictures of a government meeting that appeared to be taken from the seat in which the prime minister sits.
This story serves as an important lesson for us all: The accounts of even the most technologically savvy and powerful users are vulnerable to infiltration and attack. That's why you should never use the same password across multiple accounts. The odds are good that at some point, the security of one of your online profiles will be compromised. If the password for that account matches entry codes for your other web services, then you have essentially given hackers unrestricted access to all of your private social, professional and financial information. If, however, your passwords are all unique and specific to their respective accounts, then all your other personal data remains secure.
It can be difficult to remember what may be dozens of distinct passwords, which is why we strongly recommend investing in a password manager like Safeconnex. Such systems can keep track of all of your codes in a private digital vault, which is easy for you to reference but hard for cyber-criminals to attack. While a manager cannot guarantee you immunity from hackers, it can minimize your risk by giving you an important extra layer of protection.
Web expert and blogger Anton Nosik told The Guardian newspaper he believes Medvedev failed to employ a two-step verification process that would have added extra security to his account, saying that several staffers likely also had access to the prime minister's password. An additional reminder: Don't share your passwords with anyone and always select to use two-step verification when given the option.