The hack that brought Twitter to a halt on Wednesday took over the accounts of many of the world's most famous people, from Barack Obama to Bill Gates. But one account was notable by its absence - that of US President Donald Trump.
Trump, who has 83m followers, seems like an obvious target for the financial scam. Like Tesla chief executive Elon Musk and rapper Kanye West, he is very widely followed and known for posting outlandish things on his account. Like former President Barack Obama, Democratic presidential candidate Joe Biden, he is highly influential and central to America’s democracy.
But his account was left untouched. “The president will remain on Twitter. His account was secure and not jeopardised during these attacks,” a White House spokesman said on Thursday.
The most likely reason Trump's account was ignored involves Twitter's own systems. In 2017, Trump’s account was the target of an attack from within. A German employee who disliked the president briefly took it down. Since then, it is understood, his account has been subject to extra protections and safeguards.
Engineers with the appropriate levels of clearance can take control of many Twitter accounts, but Trump’s may be a different story. If it is touched, executives are alerted, the Telegraph understands.
Twitter has said Wednesday's hack was a social engineering attack where hackers gained access via an employee, possibly by paying them. But Trump’s account might have been too difficult to access.
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.— Twitter Support (@TwitterSupport) July 16, 2020
If so, this suggests an exclusive level of protection, not afforded to Obama, Gates and Biden. If such safeguards were accorded to Trump, why not extend them to these other high-profile figures, since the same thing could happen to them?
Twitter's security measures might have been particularly vulnerable in the present moment, with its employees working from home due to the pandemic.
“When employees work from home, companies frequently don’t have the same levels of security controls available, and thus employees get ‘too much access’ just to ensure they get enough,” says Tom Patterson, a security expert and chief trust officer of IT company Unisys.
Another theory for Trump's absence might be the motivations of the attackers. If they were anything more than common Bitcoin thieves, did they have geopolitical or financial reasons for targeting who they did?
The Bitcoin posts may have been a ruse to distract everyone into believing that this was one type of crime, when in fact it is something quite different.
The unprecedented level of access and control seems out of step with the crudeness of the messages, which would have been easily identified as scams by anyone with a passing level of internet literacy.
If that is the case, can we read into who they chose to target? If their true intention was to harvest damaging information from direct messages or other private data, what were they hoping to glean from Gates, Obama or Biden, all three powerful US liberal figures, that might later be leveraged for unknown ends?
On Thursday the Senate Committee on Commerce, Science and Transportation raised concerns. “It is not difficult to imagine future attacks being used to spread disinformation or otherwise sow discord through high-profile accounts, particularly those of world leaders,” wrote Republican chairman Roger Wicker, in a letter calling on Dorsey to brief the committee.
Stolen information can end up playing an unpredictable political role further down the line - think Hilary Clinton’s hacked emails. Even if this was a criminal hacker stealing information, where that information ends up and what it reveals could still be important in ways we can’t yet see.
Ari Lightman, professor of digital media and marketing at Carnegie Mellon University's Heinz College, says we shouldn’t to rule out the idea that the attack is a deliberate attempt to target certain figures, with a view to one day exploiting this for political gain.
“What we've seen largely over the past 10, 15 years is ideologically-based organisations and nation state actors basically saying that if we want to, we can go on and screw with your population," he said.
In one sense, Twitter staff might be breathing a sigh of relief and telling each other it could have been worse. No tweets were sent threatening nuclear war or manipulating the markets. But the attack is raising tough questions about the security of its systems, and the unknown consequences may be bigger than $100,000 in stolen Bitcoin.