Are You Having A Technology Emergency?

JS Business Solutions Blog

JS Business Solutions has been serving the Attleboro area since 2012, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

What Twitter’s API Breaches Mean for Cybersecurity Trends

What Twitter’s API Breaches Mean for Cybersecurity Trends

Back in December of 2021, an API vulnerability impacting Twitter was disclosed. Just a few months later, in July, data from more than 5.4 million users—obtained through this vulnerability—was put up for sale, and more recently, another hacker shared the data online. Let’s take the opportunity to examine the concept of an API attack, and what can and should be done to stop them.

To begin, let’s review what an API, and an API attack, really is.

An API—Application Programming Interface—Enables Communication Between Programs

All an API really is, is a bit of code that allows the applications we all rely on to connect to the Internet in a secure and standardized way. Sending a friend a payment through a money sharing application? There’s an API involved. Adjusting a smart appliance through an app? Thanks, API!

The process works as follows:

  1. You send a command to an application on your mobile device.
  2. The application connects to the Internet to share the data contained in the command.
  3. A server receives the data, interprets it, and carries out the appropriate actions
  4. Your mobile device receives the data back and presents it to you.

Today, APIs are largely standardized, which generally makes them more secure—your device and the server powering the online service are only communicating the absolutely necessary information between them.

Twitter’s API Vulnerability Removed this Separation

An exploit was present in one of Twitter’s APIs that ultimately allowed hackers to identify who owned Twitter accounts by submitting email addresses or mobile phone numbers to the API—and by the time the vulnerability was fixed in January of 2022, the damage was already done.

API Attacks are a Big Deal

Twitter is far from the only example of an API attack, with the vast majority of businesses encountering security problems as a result of these interfaces, a sizable chunk of those suffering a data breach as a result. It is because APIs are inherently trusting of systems that try to connect to them—and so, if an attacker gets access to an API, they have an expressway right into that organization’s databases.

Once they have access to this data, an attacker can then use it as ammunition to improve their social engineering efforts.

How to Avoid the Impacts of API Attacks

The key to avoiding API attacks is to teach your team about them, largely by helping them to identify various scams like phishing before this kind of information is successfully exfiltrated from your business. In short, you need to make sure that they can identify phishing attacks, and that a variety of other security measures are in place, like two-factor authentication and sufficient password practices.

We’re Here to Help You Maintain Your Security

Reach out to JS Business Solutions at (781) 715-1900 to learn more about how we can help you protect your business’ operations.

Patience Can Equal Productivity
Cloud Computing May Be the Answer to Your Technolo...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, November 21 2024

Captcha Image

Latest Blog

There has been a good deal of controversy about how personal data has been collected, sold, and used over the past few years. Companies of all types package and sell data to create a valuable extra revenue stream for their business, and whi...

Latest News & Events

JS Business Solutions is proud to announce the launch of our new website at http://www.jsbusinesssolutions.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our ser...

Contact Us

Learn more about what JS Business Solutions can do for your business.

Call Us Today
Call us today
(781) 715-1900

12 Pratt Street
Suite 103

Mansfield, Massachusetts 02048

TOP