Lawmakers and cyber experts are concerned that the alleged weaknesses in the data protections of the social network pose a national security risk.
The whistle-blower complaint from former security chief Peiter Zatko flagged to US authorities what he described as "egregious deficiencies" in the social media company's ability to fend off attackers.
The most damning claims from Zatko, who was fired earlier this year, suggest the company relied on outdated software and that executives failed to understand the level of access that employees had to user accounts. According to Zatko, some employees may be working for government intelligence agencies.
There are serious national security, privacy and election security implications if these allegations are true.
According to Zatko, roughly half of the company's workforce had deep access to the site's controls, giving them the ability to manipulate the site or access user information with little or no oversight. In an interview with the Washington Post, Zatko expressed concern that the whistle-blower disclosures could have given a person who sympathized with insurrection the ability to go rogue.
If Zatko's allegations are true, then the United States' national security is at risk because of the lack of structural controls in place for preventing and detecting cyberattacks.
According to the complaint, Indian government agents would have had unfettered access to a lot of the sensitive data on the site. The company misrepresented on its transparency reports that it knew Indian government representatives were on its payroll.
Two weeks ago, a US court found a man guilty of espionage for Saudi Arabia by gathering personal information about people who used anonymous profiles to criticize the kingdom.
The details in Zatko's complaint were disputed by the social media company.
The company said that it has seen a false narrative about its privacy and data security practices.
A representative for Zatko said the former executive stood by everything in the disclosure. He said that his career of ethical and effective leadership speaks for itself.
According to Zatko, more than half of the 500,000 servers at the company were running outdated operating systems that didn't support privacy and security features. Older software can be used by hackers to gain access to organizations.
Tom Kelly is a member of the board at the cyber firm ZeroFox.