Business applications have been rushing to integrate Twitter feeds---it makes them look trendy---but the security situation at the company has to give chief security officers pause.
Yes, Twitter is a fine business tool. However, Twitter's security approach isn't fully formed yet. The latest example: This morning Eastern time, Twitter was redirected by the Iranian Cyber Army (image via CNet News).
Twitter as usual didn't have a lot to say about the incident in a post. The company said:
As we tweeted a bit ago, Twitter's DNS records were temporarily compromised tonight but have now been fixed. As some noticed, Twitter.com was redirected for a while but API and platform applications were working. We will update with more information and details once we've investigated more fully.
There's a full account of the blow-by-blow via TechCrunch and others. Twitter was defaced, but a lot of other key items---like its fire hose of data---were working.
Nevertheless, Twitter has had security issues before. It's not inconceivable that some creative hacker could use Twitter to get into a key business application at some juncture. Dennis Howlett had his account hijacked. CNet's Steven Musil details some of the recent history.
Security has been a thorny issue for Twitter in the past. In January, a hacker hijacked CNN anchor Rick Sanchez's feed and proclaimed the journalist was "high on crack." Twitter users have also been the target of a password-stealing phishing scam. Disguising itself as a private message that led to a fake Twitter log-in screen, the scam was widespread enough for Twitter to put a warning message on all members' home pages alerting them of the issue.
The more Twitter focuses on the business market, the more it will have to focus on security. Simply put, security can't be some thorny side note to its day-to-day operations. To date, Twitter has been all about scaling. Now it needs to hire a security team and chief security officer if it wants to be connected to businesses and enterprise apps.