You are here

Twitter names famed hacker 'Mudge' as head of security

Peiter Zatko has been given a broad mandate to recommend changes in structure and practices

BT_20201118_NVTWITTER18_4330549.jpg
Mr Zatko is expected to take over management of key security functions after a 45- to 60-day review.

San Francisco

SOCIAL media giant Twitter Inc, under increased threat of regulation and plagued by serious security breaches, is appointing one of the world's best-regarded hackers to tackle everything from engineering missteps to misinformation.

The company on Monday named Peiter Zatko, widely known by his hacker handle "Mudge", to the new position of head of security, giving him a broad mandate to recommend changes in structure and practices.

Mr Zatko answers to CEO Jack Dorsey and is expected to take over management of key security functions after a 45- to 60-day review.

In an exclusive interview, Mr Zatko said he will examine "information security, site integrity, physical security, platform integrity - which starts to touch on abuse and manipulation of the platform - and engineering".

Your feedback is important to us

Tell us what you think. Email us at btuserfeedback@sph.com.sg

Mr Zatko most recently oversaw security at the electronic payments unicorn Stripe. Before that, he worked on special projects at Google and oversaw handing out grants for projects on cybersecurity at the Pentagon's famed Defense Advanced Research and Projects Agency (DARPA).

Mr Zatko's colourful career began in the 1990s, when he simultaneously conducted classified work for a government contractor and was among the leaders of Cult of the Dead Cow, a hacking group notorious for releasing Windows hacking tools in order to goad Microsoft into improving security. "I don't know if anyone can fix Twitter's security, but he'd be at the top of my list," said Dan Kaufman, who supervised Mr Zatko at DARPA and now leads the advanced products group at Google.

Twitter faces numerous security challenges. A year ago, the US government accused two men of spying for Saudi Arabia when they worked at Twitter years earlier, saying that they passed along private information about the kingdom's critics.

In July, a group of young hackers tricked employees and won access to Internal tools, which let them change account settings and then tweet from the accounts of then-US presidential candidate Joe Biden, Microsoft founder Bill Gates and Tesla chief executive Elon Musk.

"The data breach this summer was an important reminder of how far Twitter needs to go in building some of the basic security functions necessary to run a service targeted by adversaries much more skilled than the teenagers arrested for that incident," said Alex Stamos, a former Facebook chief security officer and current Stanford researcher who has helped lead efforts to fight election disinformation. Mr Stamos, who once worked for Mr Zatko's security consultancy, called him a great fit for a company lacking the financial muscle of Facebook and Google.

He added: "They are going to have to find creative solutions to these problems, and if Mudge is famous for anything in security, it is being creative." REUTERS

BT is now on Telegram!

For daily updates on weekdays and specially selected content for the weekend. Subscribe to t.me/BizTimes