16 September 2022

China, India had agents working at Twitter, whistleblower says


WASHINGTON — Twitter’s former security chief told Congress on Tuesday there was “at least one agent” from China’s intelligence service on Twitter’s payroll and that the company knowingly allowed India to add agents to the company roster as well, potentially giving those nations access to sensitive data about users.

These were some of the troubling revelations from Peiter “Mudge” Zatko, a respected cybersecurity expert and Twitter whistleblower who appeared before the Senate Judiciary Committee to lay out his allegations against the company.

Zatko told lawmakers that the social media platform is plagued by weak cyber defenses that make it vulnerable to exploitation by “teenagers, thieves and spies” and put the privacy of its users at risk.

Among the assertions from Zatko that drew lawmakers’ attention was Twitter’s apparent negligence in dealing with governments that sought to get spies a job inside the company. Zatko said that Twitter’s inability to log how employees accessed user accounts made it hard for the company to detect when employees were abusing their access.

Zatko said he spoke with “high confidence” about a foreign agent that the government of India placed at Twitter to “understand the negotiations” between India’s ruling party and Twitter about new social media restrictions and how well those negotiations were going.

Zatko also revealed Tuesday that he was told about a week before his firing that “at least one agent” from the Chinese intelligence service MSS, or the Ministry of State Security, was “on the payroll” at Twitter.

In a statement, Twitter TWTR, +0.38% said its hiring process is “independent of any foreign influence” and access to data is managed through a host of measures, including background checks, access controls, and monitoring and detection systems and processes.

Zatko said he was similarly “surprised and shocked” by an exchange with current Twitter CEO Parag Agrawal about Russia — in which Twitter’s current CEO, who was chief technology officer at the time, asked if it would be possible to “punt” content moderation and surveillance to the Russian government, since Twitter doesn’t really “have the ability and tools to do things correctly.”

“And since they have elections, doesn’t that make them a democracy?” Zatko recalled Agrawal saying.

No comments: