Whistleblower accuses Twitter of cybersecurity negligence

Peiter Zatko, Twitter’s former head of security, describes willful ignorance by the company’s executives on counting the millions of accounts that are automated ‘spam bots’. (AP)
Updated 24 August 2022

  • Peiter Zatko served as Twitter’s security chief until he was fired early this year
  • Better known by his hacker handle ‘Mudge,’ Zatko is a highly respected cybersecurity expert

Twitter’s former head of security alleged that the company misled regulators about its poor cybersecurity defenses and its negligence in attempting to root out fake accounts that spread disinformation, according to a whistleblower complaint filed with US officials.
The revelation could create serious legal and financial problems for the social media platform, which is currently attempting to force Tesla CEO Elon Musk to consummate his $44 billion offer to buy the company. Several members of Congress on Tuesday called on regulators to investigate the claims.
Peiter Zatko, who served as Twitter’s security chief until he was fired early this year, filed the complaints last month with the US Securities and Exchange Commission, the Federal Trade Commission and the Department of Justice. The legal nonprofit Whistleblower Aid, which is working with Zatko, confirmed the authenticity of a redacted copy of the complaint posted online by the Washington Post.
“This was a last resort for him,” said John Tye, the group’s co-founder and chief disclosure officer, in an interview Tuesday. He said Zatko exhausted all attempts to get his concerns resolved inside the company before his firing in January.
Among Zatko’s most serious accusations is that Twitter violated the terms of a 2011 FTC settlement by falsely claiming that it had put stronger measures in place to protect the security and privacy of its users. Zatko also accuses the company of deceptions involving its handling of “spam” or fake accounts, an allegation that is at the core of Musk’s attempt to back out of the Twitter takeover.
Better known by his hacker handle “Mudge,” Zatko is a highly respected cybersecurity expert who first gained prominence in the 1990s and later worked in senior positions at the Pentagon’s Defense Advanced Research Agency and Google.
He joined Twitter at the urging of then-CEO Jack Dorsey in late 2020, the same year the company suffered an embarrassing security breach involving hackers who broke into the Twitter accounts of world leaders, celebrities and tech moguls, including Musk, in an attempt to scam their followers out of bitcoin.
Twitter said in a prepared statement Tuesday that Zatko was fired for “ineffective leadership and poor performance” and said the “allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers and its shareholders.” The company called his complaint “a false narrative” that is “riddled with inconsistencies and inaccuracies and lacks important context.”
Zatko’s attorneys, Debra Katz and Alexis Ronickher, said Twitter’s claim about his poor performance is false and that he repeatedly raised concerns about “grossly inadequate information security systems” with top executives and Twitter’s board of directors. The lawyers said that in late 2021, after the board was given “whitewashed” information about those security problems, Zatko escalated his concerns, “clashed” with CEO Parag Agrawal and board member Omid Kordestani and was fired two weeks later.
The 84-page complaint describes a broken corporate culture at Twitter that lacked effective leadership and where Zatko said top executives practiced “deliberate ignorance” of pressing problems. His description of Dorsey’s leadership style is particularly scathing; he described the Twitter founder as “extremely disengaged” during the last months of his tenure as CEO to the point where he would not even speak during meetings on complex issues facing the company.
Zatko said he heard from colleagues that Dorsey would remain silent for “days or weeks.” Dorsey announced he was stepping down as Twitter CEO in November 2021.
The disclosure says Twitter offered no monetary incentives for improving security and platform integrity, although the company did offer $10 million bonuses last year for top executives who could generate short-term user growth.
Among Zatko’s accusations of cybersecurity malpractice: Software and security updates were disabled on more than a third of employees’ computers — unduly exposing them to malware — and it was common for people to install “whatever software they wanted on their work systems.” Such lapses are typically considered cardinal sins in cybersecurity.
Whistleblower Aid said it is legally precluded from sharing Zatko’s statement. The same group worked with former Facebook employee Frances Haugen, who testified to Congress last year after leaking internal documents and accusing the social media giant of choosing profit over safety.
“I wouldn’t say he’s happy about having to become a whistleblower, but he’s resolute in his decision,” Tye said. “And committed to getting to the bottom of this.”
Among the most alarming complaints is Zatko’s allegation that Twitter knowingly allowed the Indian government to place its agents on the company payroll where they had “direct unsupervised access to the company’s systems and user data.”
A 2011 FTC complaint noted that Twitter’s systems were full of highly sensitive data that could allow a hostile government to find precise location data for specific users and target them for violence or arrest. Earlier this month, a former Twitter employee was found guilty after a trial in California of passing along sensitive Twitter user data to royal family members in Saudi Arabia in exchange for bribes.
The complaint said Twitter was also heavily reliant on funding by Chinese entities and that there were concerns within Twitter that the company was providing information to those entities that would enable them to learn the identity and sensitive information of Chinese users who secretly use Twitter, which is officially banned in China.
Zatko also describes willful ignorance by Twitter executives on counting the millions of accounts that are automated “spam bots” or otherwise have no value to advertisers because there is no person behind them. Zatko cited a “damning” 2021 outside report that found Twitter’s tools for tackling bots were neither sufficiently automated nor sophisticated and instead relied on humans “not adequately staffed or resourced, to address the misinformation and disinformation problem.”
Alex Spiro, an attorney representing Musk in his effort to back out of his Twitter acquisition deal, said lawyers have issued a subpoena for Zatko. “We found his exit and that of other key employees curious in light of what we have been finding,” Spiro wrote in an email Tuesday. Spiro said Zatko and Musk have not been in contact at any time this year.
Tye said “he’s never met Elon Musk. Doesn’t know Elon Musk. They know people in common.” Asked if mutual friends could have shared information about Twitter’s bot problems with Musk, Tye said Zatko “has not communicated with any other party about his disclosures” since filing the complaints in July.


NGOs warn Elon Musk of ‘collective punishment’ if Starlink in Sudan is shut down

Updated 16 May 2024

  • People and organizations rely on ‘unofficial’ Starlink connection for lifeline services
  • Coalition of 94 humanitarian, human rights groups call for warring factions to repair damaged communication infrastructure

LONDON: Starlink’s chief Elon Musk has been urged not to shut down the satellite internet service in Sudan, as doing so could “collectively punish” millions of Sudanese.

In an appeal to the American billionaire, nearly 100 humanitarian, civil society, human rights organizations and members of the #KeepItOn coalition have highlighted the critical role Starlink plays as a lifeline for on-the-ground organizations operating in the war-torn African country. They warn that interrupting the service could have fatal consequences.

“Any shutdown of telecommunication services is a violation of human rights and may be considered to be a collective punishment that will not only isolate individuals from their support networks but also exacerbate the already dire economic situation facing millions,” said the coalition, which includes Save the Children, Islamic Relief Worldwide and Action Against Hunger, among others.

The statement added: “The potential shutdown of Starlink would have a disproportionate impact on civilians and the aid organisations who are trying to reach them.”

Sudan has been grappling with a widespread telecommunications blackout for several months, severely limiting emergency and humanitarian services and access to basic transactions such as cash transfers from abroad.

Starlink, which can operate across borders thanks to its satellite service, announced earlier this month that it would cease its services in Sudan by restricting roaming in jurisdictions where it is not licensed.

If confirmed, this decision risks provoking a permanent nationwide telecommunications shutdown, similar to the one in February 2024 that left almost 30 million Sudanese without access to the internet or telephone calls for more than a month.

The situation is further exacerbated by the damage and destruction of communication infrastructure, targeted by both the Rapid Support Forces and the Sudanese military.

The coalition, which relies on expensive and scarce satellite internet in areas where formal telecommunications are not functioning, has also urged the warring factions to repair the infrastructure.

SpaceX’s Starlink has been under pressure to maintain its connection since conflict broke out in Sudan in April 2023.

In August, a hacking group called Anonymous Sudan took X offline in more than a dozen countries to pressure Elon Musk into formally opening Starlink in Sudan.

In recent months, the company has been at the center of a public debate over its role in connecting war-torn areas worldwide.

Earlier in May, Bloomberg reported that SpaceX was close to finalizing a deal with the Yemeni government to provide satellite internet to the country in what experts described as a “victory” over the Houthi rebels.

In September 2023, several media outlets reported that Elon Musk denied a Ukrainian request to extend Starlink’s coverage to Crimea during a surprise attack.

Although this was later clarified as an erroneous claim that Musk “turned off” Starlink coverage in Crimea, it raised concerns about the service’s role during conflicts.


Dentsu opens sports practice in MENA with Riyadh HQ

Updated 16 May 2024

DUBAI: International advertising group Dentsu has announced the launch of its dedicated sports practice, dentsu Sports International, in the Middle East and North Africa region.

The new practice, which focuses on sports marketing and analytics services, will be headquartered in Riyadh, Saudi Arabia, with additional offices in the UAE.

To provide end-to-end service to clients, the group brings together three dentsu businesses: dentsu Sports International Commercial, MKTG Sports + Entertainment and dentsu Sports Analytics.

Charlie Wylie, managing director for Europe, Middle East and Africa at dentsu Sports International, said: “dentsu Sports International will serve as a strategic sports and entertainment arm of dentsu in MENA, offering comprehensive solutions tailored to the needs of brands and rights holders.”

The company has appointed Olaf Borutz as vice president of commercial development, reporting to dentsu Sports International’s global chief commercial officer, Echo Li.

Borutz’s previous role as head of sports and events at law firm Al Tamimi & Company saw him advise clients on sports and events-related commercial matters, including government bodies, rights holders, agencies and players of the Saudi Pro League and Qatar Stars League. 

“The appetite for sports marketing in the Kingdom is at an all-time high, with Saudi’s ambitions and investment in this space only expected to grow,” said Tarek Daouk, CEO, dentsu MENA.

A significant 62 percent of Saudi sports fans say that sport plays a bigger role in their lives than before, according to a new study conducted by dentsu Sports International.

The study also found that fans spend more time and money than their international counterparts on live events in the Kingdom, with Saudi fans attending an average of six events in person a year, more than the UK average of two events per year.

Saudi Arabia’s significant youth population is passionate about sports, with 68 percent of 18–24-year-old Saudis saying they find attending sports events more rewarding than other entertainment events.

The study also revealed that these younger consumers are the most likely to purchase premium tickets, spending 31 percent more per ticket than older fans.

Daouk said: “It’s an exciting time for sports in the region and we are thrilled to launch dentsu’s bespoke sports and entertainment offering.”


Tunisia remands journalists arrested over critical comments

Updated 15 May 2024

  • Broadcaster Borhen Bssais and political commentator Mourad Zeghidi were arrested Saturday under a decree criminalizing ‘spreading false information’ among other charges, spokesman Mohamed Zitouna said

TUNIS: A Tunisian court on Wednesday ordered two journalists to be held in remand until the completion of investigations into critical comments, a court spokesman said.

Broadcaster Borhen Bssais and political commentator Mourad Zeghidi were arrested Saturday under a decree criminalizing “spreading false information” among other charges, spokesman Mohamed Zitouna said.

Zeghidi is being investigated over social media statements last February and a post in support of Mohamed Boughalleb, another journalist and critic of President Kais Saied who has been detained separately.

Bssais was arrested on accusations of “having harmed President Kais Saied through radio broadcasts and statements” online between 2019 and 2022, according to his lawyer Nizar Ayed.

Their trial is set to begin on May 22, according to their lawyers.

Both media figures are prosecuted under a law ratified by Saied in September 2022.

The law punishes people with up to five years in prison for the use of social media to “produce, spread (or) disseminate ... false news” and “slander others, tarnish their reputation, financially or morally harm them.”

Journalists and opposition figures have said it has been used to stifle dissent.

Since the decree came into force, more than 60 journalists, lawyers and opposition figures have been prosecuted under it, according to the National Union of Tunisian Journalists.

The same night Bssais and Zeghidi were taken into police custody, masked police raided the Tunisian bar association and arrested lawyer Sonia Dahmani, also under the same law.

On Monday, another lawyer was forcibly arrested at the association’s headquarters.

The president of the bar, Hatem Meziou, on Tuesday called for an end to “the abuse of power” and “violence” targeting the lawyers.

The European Union also expressed concern over a string of arrests of civil society figures in Tunisia — the latest sign of a tightening clampdown on freedoms under Saied.

Nongovernmental organizations have decried a rollback of freedoms in Tunisia since Saied began ruling by decree after a sweeping power grab in 2021.


‘Blockout’ trend targets celebrities over Gaza silence

Updated 15 May 2024

  • Selena Gomez, Zendaya and Kim Kardashian are among the celebrities who have lost hundreds of thousands of followers
  • Boycott campaign gained traction following Met Gala event last week in New York

LONDON: A new trend threatening to boycott celebrities over their refusal to speak out about the Gaza conflict is gaining momentum on social media.

Known as “Blockout 2024,” the movement has surged in popularity following the Met Gala last week.

As part of a solidarity campaign, social media users are calling for the blocking of accounts of celebrities who have remained silent on the humanitarian crisis in Gaza.

High-profile figures such as Taylor Swift, Justin Bieber, and Drake are among the hundreds of celebrities facing this “digital guillotine.”

A full list is circulating on social media, leading to a significant loss of followers on Instagram and other platforms.

Actress and singer Selena Gomez reportedly lost 1 million followers on Instagram and 100,000 on X, according to US-based social media analytics site Sonic Blue.

Fellow actress and singer Zendaya, reality TV star Kim Kardashian, and her sister Kylie Jenner have also seen hundreds of thousands of followers drop.

Pro-Palestinian activists have been pressuring celebrities for months to show more support for Gaza civilians. This growing discontent reached a tipping point last week when the Met Gala’s glitz and glamour coincided with Israel’s announcement of a military offensive in Rafah.

The movement was sparked by a TikTok video from influencer Haley Kalil at the Met Gala on May 7, where she lip-synced to the phrase “Let them eat cake.”

This phrase, attributed to Queen Marie Antoinette, drew parallels to the French Revolution, symbolizing indifference to the suffering of the impoverished.

“It’s time for the people to conduct what I want to call a ‘digital guillotine.’ A ‘digitine,’ if you will,” said TikTok creator @ladyfromtheoutside, who kicked off the movement with her viral video.

“It’s time to block all the celebrities, influencers and wealthy socialites who are not using their resources to help those in dire need. We gave them their platforms. It’s time to take it back, take our views away, our likes, our comments, our money.”

According to Gaza authorities, at least 35,000 people, mostly women and children, have been killed in the Palestinian territory during the seven-month war, which has been widely condemned as failing to comply with international humanitarian law.


BBC investigation leads to arrest of one of world’s most notorious people smugglers

Updated 14 May 2024

  • Barzan Majeed, nicknamed ‘Scorpion,’ is caught in Iraqi Kurdistan days after release of BBC podcast series by journalists who tracked him down and interviewed him
  • Senior local official confirms officials used information from the broadcaster’s investigation to help find fugitive believed to have helped smuggle thousands of people to UK

DUBAI: Kurdish security forces arrested Barzan Majeed, described as one of the world’s most notorious people smugglers, in Iraqi Kurdistan on Sunday morning.

Nicknamed “Scorpion,” the fugitive is believed to have been involved in smuggling an estimated 10,000 people across the English Channel to the UK. He was arrested days after the release of a BBC podcast series in which investigative journalists tracked him down to the city of Sulaymaniyah in Iraq and interviewed him there.

During the interview, Majeed said he had lost count of the number of people he helped to smuggle, adding: “Maybe a thousand, maybe 10,000. I don’t know, I didn’t count.”

He admitted that between 2016 and 2019 he was one of two people who helped run a people-smuggling operation in Belgium and France but denied he was the mastermind of the operation.

“A couple of people, when they get arrested, they say, ‘We’re working for him’ — they want to get less (of a) sentence,” he said.

Originally from Iraq, Majeed moved to the city of Nottingham, in England, in 2013 but was deported two years later. He had been on the run since failing to appear at a court in Belgium for a sentencing hearing in November 2022.

The UK’s National Crime Agency issued a warrant for his arrest that same year. The agency, which confirmed his arrest, said: “We are grateful to the BBC for highlighting his case and remain determined to do all we can to disrupt and dismantle the criminal networks involved in smuggling people to the UK, wherever they operate.”

A senior member of the Kurdistan Regional Government confirmed its officials had used information from the BBC investigation to locate and arrest Majeed.

Each year, thousands of people flee Iraq, including its Kurdistan Region, in the hope of finding a better life in the UK or other parts of Europe. In many cases, they pay people smugglers to transport them, but the routes and methods used by the smugglers are often dangerous and the migrants face harsh weather and potentially deadly travel conditions.

Germany deported 222 Iraqi citizens in the first three months of this year as part of an alleged agreement between Berlin and Baghdad to deport migrants who do not qualify to remain in Germany, media organization Rudaw, which is based in Iraqi Kurdistan, reported this week.