Mayank Chhaya-
In a stunning revelation, Twitter’s former security chief told US Congress that the social media platform knowingly allowed India to add its agents to the company’s roster even as China too placed at least one agent there from its intelligence service.
Peiter “Mudge” Zatko, a respected cybersecurity expert and Twitter whistleblower, appeared before the Senate Judiciary Committee to make these and other damning allegations against the company.
The presence of these agents at Twitter, according to Zatko, meant that they potentially had access to sensitive user data. Add to that the fact that some 50 percent of the social media platform’s more than 7,000 employees could potentially access sensitive personal data of its 400 million users, and it offers a measure of Twitter’s security problems.
“I’m here today because Twitter leadership is misleading the public, lawmakers, regulators, and even its own board of directors,” Zatko, who headed Twitter’s security department from November 2020 to January 2022, told the Judiciary Committee, adding, “The company’s cybersecurity failures make it vulnerable to exploitation, causing real harm to real people.”
His sworn testimony will only add to the embattled social media platform’s continuing woes, including Tesla chief Elon Musk notoriously reneging on his offer to buy it at $44 billion predominantly on the claim that Twitter has not provided him with accurate figures about the number of users as well as security vulnerabilities.
Zatko’s testimony has the potential to buttress Musk’s claim which he made essentially to get out of an offer that threatened to stretch his own finances and made apparently in keeping with his flamboyance.
As for Zatko’s allegations that India and China had placed its agents in the company giving the two the ability to directly access and monitor sensitive user data it demonstrates how governments so closely monitor such social media platforms as part of their often ideologically and politically driven worldviews.
India has had a difficult relationship with Twitter where the country’s Prime Minister Narendra Modi and many top members of his government have successfully used its reach to make spectacular political and cultural gains even while displaying a characteristic desire to control what other Indians say about them.
Zatko’s testimony follows only weeks after his whistleblower complaint with the Securities and Exchange Commission (SEC) became public.
Twitter under the leadership of Parag Agrawal as its CEO has maintained that Zatko has been pushing a “false narrative that is riddled with inconsistencies and inaccuracies” in the aftermath of his firing for “ineffective leadership and poor performance.” The company agreed to pay him $7 million in settlement in June.
One of the major security failures at Twitter in Zatko’s assessment is the “oddity” where it does not have a separate a place to test its software giving anyone of some 50 percent of its employees the ability to its “production environment”, thereby allowing them access to sensitive user data.
The timing of Zatko’s disclosures could prove to be particularly opportune for Musk who, after grandiloquently and theatrically announcing his intention to wholly buy the company in April, now wants none of it. His legal team is expected to use Zatko’s claims to prop up its case even as Twitter tries to complete the sale. Zatko may not have been motivated by anything other than his genuine concern for the data of close to half a billion users but its exploitation for strictly commercial purposes by Musk and his team is inevitable.
The testimony exposed Agrawal to some serious danger as evident comments by two Republican Senators, Mike Lee of Utah and Chuck Grassley of Iowa. “Based on your disclosures, it seems to me that the Twitter CEO is more concerned with increasing influence and profits from foreign countries than with protecting user data from foreign spies or hackers,” Lee said.
Grassley went even further saying, “If these allegations are true, I don’t see how Mr. Agrawal can maintain his position at Twitter going forward.”
There does not appear to be any immediate jeopardy for Agrawal who took over as Twitter CEO in November, 2021, barely a decade after he joined as an engineer. However, the Zatko allegations and the Musk debacle are expected to weigh heavily on his future.
India has not reacted with any specificity to Zatko’s allegations but its government is known for its obsession to control the direction that utterances on social media and how they might impact its functioning.
