Twitter former security head calls platform ‘threat to national security’

Twitter’s former security head has issued a whistleblowing disclosure to the US government which slams the social platform’s security practices and appears to back up some of what Elon Musk has been claiming.

CNN And the Washington Post have obtained and revealed details of an ‘explosive whistle-blower disclosure’ by Twitter’s former head of security Peiter ‘Mudge’ Zatko (pictured above, image courtesy of CNN), which was sent to US congress and other government agencies last month. The article reports that Twitter’s security practices are described rather alarmingly as a ‘threat to national security and democracy’.

The report asserts that security protocols on the social media platform are lacking, to say the least, in that too many staff have access to the platform’s central controls and sensitive information, that some senior execs have been trying to cover up Twitter’s vulnerabilities, and that ‘one or more current employees may be working for a foreign intelligence service.’

Zatko claims Twitter’s leadership has misled its board and US government regulators with regards to the state of its security vulnerabilities, ‘including some that could allegedly open the door to foreign spying or manipulation, hacking and disinformation campaigns.’ He also says Twitter does not reliably delete users’ data after they cancel their accounts, partly because the company has lost track of the information, and that it has misled regulators about this.

Prior to going to the US authorities, Zatko says he attempted to flag these security and compliance gaps to the board and to try and fix them while he was head of security at the firm. However he claims that he was encouraged to obfuscate the true picture by the latest CEO and other execs, according to the CNN report. He was fired in January, which Twitter claims was for ‘poor performance’.

CNN quotes a Twitter spokesperson in response: “Mr Zatko was fired from his senior executive role at Twitter for poor performance and ineffective leadership over six months ago. While we haven’t had access to the specific allegations being referenced, what we’ve seen so far is a narrative about our privacy and data security practices that is riddled with inconsistencies and inaccuracies, and lacks important context. Mr Zatko’s allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers and its shareholders. Security and privacy have long been company-wide priorities at Twitter and we still have a lot of work ahead of us.”

Zatko’s disclosure to government agencies, which included the Securities and Exchange Commission, the Federal Trade Commission and the Department of Justice, is apparently 200 pages long and there’s plenty more detail in the CNN report with a handy summery video up top.

There is a further claim that could have relevance to the Elon Musk/Twitter saga, in which Musk is attempting to back out of a $44 billion purchase of the firm on the basis that upon inspection he thinks there are more bots in the platform than was disclosed, while Twitter denies this and is trying to enforce the purchase. Zatko also says Twitter executives actually don’t have the resources to fully understand the true number of bots on the platform, ‘and were not motivated to’.

Coincidentally, it was also reported today that Elon Musk has subpoenaed former CEO Jack Dorsey for the upcoming trial date on October 17th. CNN seems to imply the disclosure was less damning of Dorsey in terms of his attitude to shoring up the platform’s security, so perhaps he’ll have some similarly spicy things to say on the matter.

The entire story has been mysterious from the start – the question of why would Elon Musk want to buy Twitter at all, and particularly for such a huge sum of cash which he has had to sell off Tesla stock to brace for, is still more or less unanswered unless you take it at face value that he thinks it’s very important that Twitter has less censorship. It’s not inconceivable the subsequent pulling out on the basis of bot numbers was contrived to shine some light on an issue Musk clearly feels strongly about – but now it’s going to court that looks like a hell of an expensive way to make a point.

Having a company force another party to buy them despite the fact they don’t want to anymore isn’t the usual narrative you see from these sorts of high value Silicon Valley M&A stories – but if successful Elon Musk will find himself in the unusual position of dropping $44 billion on a firm he has been criticising for being riddled with bots for months, and basically inferring than in aggregate Twitter is something other than it claims to be.

The allegations by Zakto as they are described by CNN seem to go some way to backing up what Musk has getting at since trying to pull out of the deal, whether or not it has any bearing on the case we’ll have to see in October.


Get the latest news straight to your inbox. Register for the newsletter here.

  • BIG 5G Event

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.