A guide to handle social-media hacks


Social-media security isn't always airtight. Handling breaches well is important for agencies to master. (Stock image)

The Associated Press reported some very disturbing news on April 23, in a tweet saying that the president had been injured in explosions at the White House.

The trouble was, the tweet was fake, sent by someone who had hacked the AP Twitter account.

Now officials from the General Services Administration have laid out how feds should handle social media security, in guidelines issued April 25.

The White House and federal agencies did not acknowledge the tweet from AP, a credible news organization with almost 2 million followers. The financial markets, on the other hand, reacted almost immediately -- causing the Dow to drop 144 points.

The market later recovered, but no federal officials from positions of power tweeted responses or crafted quick Facebook posts that might have helped alleviate public uncertainty in the brief moments after the hacked tweet. Instead, officials addressed the issue via traditional media after the social media community – including AP employees and other news outlets – collectively tweeted and dispersed correct information.

Better to protect than regret

Justin Herman, new media manager at the GSA's Center for Excellence in Digital Government, wrote in a blog post that simple "common sense" precautions are the first place for agencies to start in shoring up potentially problematic social media account management.

Weak passwords, passwords that are not routinely changed, sloppy device management – such as unlocked mobile devices or computers with account access – or passwords that aren't updated when former staff members leave are all potential problem areas that are easy to fix, Herman said. Recommendations straight from Twitter's support website include:

• Use a strong password.

• Use different passwords for your social media accounts.

• Watch out for suspicious links, and always make sure you're on before you enter your login information to guard against phishing.

• Never give your username and password out to untrusted third parties, especially those promising to get you followers or make you money.

• Make sure your computer and operating system are up-to-date with the most recent patches, upgrades, and anti-virus software.

"The bottom line is to use the same common sense you use elsewhere," Herman said in the post.

Stuff happens, so worry now

Information goes viral as fast as users can point and click, so when social media accounts are compromised, false information can spread like wildfire and cause all sorts of chaos.

With some agency social media accounts having hundreds of thousands or even millions of followers, it's not hard to envision a scenario in which a federal agency faces a PR nightmare thanks to an enterprising hacker or password-ensnaring scheme.

That's why it is important to have a plan in place, Herman said, offering some concrete steps that a good plan should include:

1. Inform Twitter: Fill out a Twitter support request for the hacked account. Then email the ticket number to the Center for Excellence in Digital Government so they can pass it along and monitor for widespread incidents.

2. Change all other social media passwords: Even if you think the security breach is limited to the one account, it is prudent to immediately change the passwords of all other social media accounts, as they are often linked. If you find you're losing control of other accounts, contact those platforms immediately as well.

3. Alert your followers to hacking: If you don't have access to your account yet, use other accounts to alert your community that a breach occurred. Chances are if rogue tweets are sent to your community they will already suspect something is wrong and this will help prevent the spread of false information. Make sure this is sent within four minutes of the initial breach, at most, and that your strategies and policies allow you to respond quickly when it counts.

4. Dispel rumors: Once your account is regained, make a record of the rogue tweets, delete them from your stream, and communicate to your community what happened. Yours won't be the first account hacked, but citizens rely on you to handle it best.


Policies for social media security are often already covered by broader technology policies, but managers should prepare strategies ahead of time to address new challenges posed by social media.

Ultimately, information security incidents, including those involving compromised social media accounts, are handled in accordance with agency policies and procedures based on the federal incident reporting guidelines outlined by the National Institute of Technology and Standards.

A timely, clear and concise response from a federal agency could make the difference between a tough PR day and a PR nightmare.

Responding to hacked tweets

Of similar importance is how an agency responds to tweets from a hacked account.

The White House's lack of social media response to the AP's hacked tweet was probably a mistake, according to another source. A simple "everything is okay – this was false information" would likely have helped defuse the situation quickly. When and how to respond should be discussed in plans of action that agencies draft for these types of social media issues.

Whatever those plans are, Herman said, action should be swift. Once information is verified to be untrue, he said, agencies should use their social media platforms like power tools, dispelling rumors and communicating correct information as quickly as possible.

About the Author

Frank Konkel is a former staff writer for FCW.


Reader comments

Fri, Apr 26, 2013

Use social networking sites and platforms that provide users with a security option for two-step verification to protect your account. For instance, see
