Twitter
TwitteriStock

A computer security expert who is considered an “ethical hacker” has slammed Twitter as a risk to American national security.

Peiter “Mudge” Zatko was initially hired by Twitter to improve its cybersecurity two years ago, but said that the social media company had become a risk to national security after it backed out of a deal with the federal government to improve its protection of user data.

Zatko, a software engineer who became infamous as a hacker in the 1990s, filed a complaint with the Securities and Exchange Commission (SEC) claiming Twitter was failing to live up to a deal with the Federal Trade Commission (FTC) to fix cybersecurity issues that left it vulnerable to hacking, the New York Post reported.

Two years ago Zatko was hired to be Twitter’s head of security after the company experienced numerous high profile hacking incidents, including the accounts of former President Barack Obama, President Joe Biden, Elon Musk, Jeff Bezos and Kim Kardashian.

But the cybersecurity expert accused Twitter of refusing to update its servers, causing it to remain open to security hacks.

He further said that Twitter’s refusal to modernize its infrastructure left its 238 million users, including political leaders and government agencies, vulnerable to hacking by international groups.

Zatko alleged in his filing that Twitter would routinely lose user data when accounts were deleted, breaking a promise the company made to the FTC over 10 years ago.

He said that Twitter let low and mid-level staff control highly sensitive aspects of the company’s inner working, leaving the firm in danger of spying and sabotage from international actors.

Zatko blamed his firing earlier in 2022 on the fact that he took his concerns to management.

He also levelled the charge that the company’s executives received financial incentives for exaggerating the number of users and not deleting fake bot accounts, a claim Elon Musk has used in his reasons for backing out of a $44 billion bid to take the company private.

“Twitter executives have little or no personal incentive to accurately ‘detect’ or measure the prevalence of spam bots,” Zatko’s filing said. “Senior management had no appetite to properly measure the prevalence of bot accounts… they were concerned that if accurate measurements ever became public, it would harm the image and valuation of the company.”