Twitter as a WMD

Trump has declared his intention to keep tweeting when he’s president. But Twitter accounts are easy to hack. Ponder the implications. Luckily, some people are doing just that. Joseph Berstein is one. “The most powerful publication in the world today”, he writes,

is Donald Trump’s personal Twitter account. In the past six weeks, it has moved markets, conducted shadow foreign policy, and reshaped the focus of media around the world. Just today, it caused Toyota’s stock to drop. It is also shockingly insecure.

That insecurity was acceptable when @realDonaldTrump concerned itself with Kristen Stewart cheating on Robert Pattinson and how thin people don’t drink Diet Coke. And yet Trump’s newfound influence — combined with the unpredictability of his tweets — makes the president-elect’s account a particularly tempting target for hackers.

That’s especially true because there is a large fortune that could be made in a single 140-character message. If someone were able to gain access to Trump’s Twitter, they could tweet approvingly or disapprovingly about a company (as Trump has done) and play the stock market accordingly — or cause others to do so. A market-tracking app called Trigger has already set up an alert that responds whenever Trump tweets about publicly traded companies.

If the hacker were geopolitically motivated, they could tweet favorably or unfavorably about a country or a leader (as Trump has done) and alter foreign affairs. Or if the hacker had a grudge, they could call their enemy out in a tweet (as Trump has done) and unleash the rage of Trump’s nearly 19 million followers. Plus, who knows what’s in Trump’s DMs?

And precisely because the president-elect’s tweets are so far afield of current president Barack Obama’s on-message, workshopped ones, someone with improper access to Trump’s account could accomplish their goals while staying in character as Trump. (A hack of the Associated Press Twitter account in 2013 that falsely asserted breaking news about an explosion at the White House caused the Dow to drop 150 points.)

Since Trump seems pathologically adverse to taking advice (because he always knows best, you see) it’s difficult to imagine him being persuaded to abandon Twitter. So is there a possible fix?

Conor Friedersdorf, writing in The Atlantic, thinks there is:

With a president who has trained the world to treat his Twitter feed as the most direct expression of his mind and of the actions he intends to take, that is unacceptable. The Trump team may have safeguards in mind, or cooperate with whatever the folks at the White House Communications Agency recommend. But given the government’s poor track record with information security, there is no reason to leave the matter entirely in their hands. Twitter’s CEO has a responsibility to impose an additional safeguard. And doing so shouldn’t be difficult.

Going forward, the @POTUS account and any verified account belonging to the sitting president should lose the ability to post anything instantaneously to the Internet.

Instead, those accounts should post to a queue. Twitter should then send the tweet in question to a designated official, perhaps White House Chief of Staff Reince Priebus, who will be prompted, “Can you verify that POTUS wants to tweet this?” And 10 seconds or 20 minutes or 2 hours later, with that “authentication” process complete, the tweet could be published to the stream as before.

This approach, or a smarter alternative, would impose trivial costs and could have almost incalculable benefits.

Will Trump accept something like this? Stay tuned.