Cybersecurity expert: Disney hack highlights glaring brand risk around social media accounts

Unmeasurable brand and reputation damage from hackers accessing brand social media accounts is a real risk marketers need to think more about

“Unmeasurable brand and reputational damage” is a big risk brands face from seemingly simple hacker attacks on their social media accounts, one cybersecurity expert claims.

The comments from cybersecurity expert and Cerby chief trust officer, Matt Chiodi, followed news last week of Disneyland’s Facebook and Instagram accounts being hacked. Undertaken by an individual claiming to be a ‘super hacker’ and calling himself ‘David Do’, the posts featured a raft of offensive content, which several US media sites were able to capture, containing racist language, slurs and references. The hacker also claimed to be the inventor of Covid-19.  

The first offensive posts appeared on 7 July at 3.50am local US time and were quickly removed by the entertainment company after it worked to secure its social media accounts. Disney’s social accounts have more than 8 million followers.

In an 8 July statement confirming the social media account hack and its efforts to deal with the cyberattack, Disney labelled the attack “reprehensible”.

“Disneyland Resort’s Facebook and Instagram accounts were compromised early this morning. We worked quickly to remove the reprehensible content, secure our accounts, and our security teams are conducting an investigation,” the Disney statement read.

Why social cyberattacks are a big threat

Chiodi has spent the past 20 years in the cybersecurity space, working for companies such as Palo Alto Networks, RedLock, Cognizant, Deloitte and eBay. During his time as chief security officer of Cloud at Palo Alto Networks, he led a group of security researchers exclusively focused on public cloud concerns. He’s now the chief trust officer for Cerby, which produces security technology to better protect applications that don’t fall under enterprise-grade IT security checks and balances.

Chiodi told CMO there are four common ways in which social media attacks like this happen. The first is weak passwords that are easy to guess; the second is passwords reused across multiple applications, one of which is then breached. A third is phishing campaigns, where a user is lured into clicking on a link that takes them to a fake login page that looks like Instagram or Twitter and allows cyberattackers to harvest passwords. The fourth, and the common thread across many of these cases, is disabled two-factor authentication.

“While there is a lot of talk about going passwordless in the future, passwords are not the issue. It’s the end-user’s mismanagement of them that’s the challenge,” Chiodi said.

As to why social media accounts are a prime target for cyberattacks, Chiodi argued none of the prominent platforms offer robust authentication options to their billions of users.

“Social media attacks happen because none of the platforms support common identity standards like single sign-on and systems for cross-domain identity management for automatically adding and removing users,” he said. “This is unacceptable for tools so critical to enterprises and democracy.”

The second of these standards is known as SCIM (System for Cross-domain Identity Management). “These two standards are the bread and butter of what keeps many enterprise crown jewel applications secure. But none of them are supported.”

Then there’s the value of social media advertising itself. Social media is the second-biggest digital advertising market worldwide, with revenues of US$153 billion in 2021 according to Hootsuite, and attackers are taking notice.

“Until these problems are solved, we should expect to see these types of social media attacks continue to expand and negatively impact brand trust,” Chiodi said.

The brand fallout

Chiodi agreed the consequences of these attacks can cause “unmeasurable brand and reputational damage” to an organisation. A key contributor in this case is the fact consumers consider social media a ‘trusted’ channel.

“If they [hackers] are able to breach an account, yes, they can make the brand look bad by saying nasty things,” he continued. “But what’s more lucrative is redirecting ad spend and getting your consumers to click on phishing links so criminals can then harvest your customers’ personal information and resell it on the dark Web.

“If an attacker can breach these platforms, they can not only redirect ad spend, they can also launch phishing campaigns.”

As an example, Chiodi posited an attacker taking over the social media presence of a large consumer brand.

“They post an innocent-looking post with a link. When thousands of consumers click on the link, they are taken to a phishing site where sensitive information such as usernames and passwords and other personally identifiable information can be harvested,” he said. “The scenario becomes even more risky when the attacked companies operate in sensitive fields like healthcare and government.”

Exacerbating the issue are security chiefs and IT teams who are largely unaware of the elevated risk posed by what Cerby dubs ‘unmanageable applications’, such as social media. Cerby defines such applications as ‘unmanageable’ because they lack support for the common identity standards that are essential to an enterprise security strategy.

“Sure, they [IT and security teams] know there is a risk to the brand if a social account is compromised, but until recently, there wasn’t much they could do other than to tell the marketing team to use a password manager or a privileged identity/access management tool [PIM/PAM],” he explained. “The rub? These tools, while light years better than using sticky notes and spreadsheets, in the case of PIM/PAM tools, require marketing teams to learn a new tool that is painfully not user-friendly.

“Password managers are great, but like PIM/PAM tools, they do not automate remediation of common social media security hygiene tasks like enabling two-factor authentication and strong passwords, or help with securely sharing access to social accounts with agencies and other third parties, such as influencers.”

Chiodi’s advice to marketers on steps they can take to be prepared for such a cyber hack is first and foremost to ensure two-factor authentication is enabled universally across all social accounts.

“Put a process in place to regularly ensure it is not disabled,” he advised. “This is an extremely common problem when a critical task like this is not automated. When enforcement is automated, two-factor authentication would alone eliminate the vast majority of breaches.”
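The recurring check Chiodi describes can be scripted against whatever inventory a security team keeps of its brand accounts. The following is an added example, not code from the article or from Cerby: it assumes a hypothetical inventory (constructed inline) exported from a password manager or access-management tool, recording per account whether two-factor authentication is on, a fingerprint of the credential rather than the password itself, its length, and who holds access. It flags the four failure modes the article names and reports which one is the common thread.

```python
from collections import Counter, defaultdict

# Constructed sample inventory; platforms, handles and fingerprints are hypothetical.
# "cred_fp" is a hash of the stored credential, so reuse can be spotted without
# ever handling cleartext passwords. "access_expires" is only set for third parties.
INVENTORY = [
    {"platform": "facebook", "handle": "brand-resort", "mfa": True, "cred_fp": "a1f3", "pw_len": 22, "owner": "marketing"},
    {"platform": "instagram", "handle": "brand-resort", "mfa": False, "cred_fp": "a1f3", "pw_len": 22, "owner": "marketing"},
    {"platform": "linkedin", "handle": "brand", "mfa": False, "cred_fp": "77b2", "pw_len": 20, "owner": "agency-x", "access_expires": "2024-12-31"},
    {"platform": "twitter", "handle": "brand", "mfa": False, "cred_fp": "9c0e", "pw_len": 8, "owner": "agency-x"},
]

MIN_PASSWORD_LENGTH = 16  # policy threshold assumed for this example


def audit(inventory):
    """Return sorted (platform, handle, issue) findings for one audit run."""
    findings = []
    by_fingerprint = defaultdict(list)
    for acct in inventory:
        key = (acct["platform"], acct["handle"])
        if not acct["mfa"]:
            findings.append(key + ("2fa_disabled",))
        if acct["pw_len"] < MIN_PASSWORD_LENGTH:
            findings.append(key + ("weak_password",))
        # Agency or influencer access must carry an expiry so it is reviewed.
        if acct["owner"] != "marketing" and acct.get("access_expires") is None:
            findings.append(key + ("third_party_access_no_expiry",))
        by_fingerprint[acct["cred_fp"]].append(key)
    # The same credential behind more than one account means one breach opens all.
    for accounts in by_fingerprint.values():
        if len(accounts) > 1:
            findings.extend(key + ("password_reused",) for key in accounts)
    return sorted(findings)


def common_thread(findings):
    """Issue type seen most often in this run, or None when the audit is clean."""
    if not findings:
        return None
    return Counter(issue for _, _, issue in findings).most_common(1)[0][0]


if __name__ == "__main__":
    run = audit(INVENTORY)
    for platform, handle, issue in run:
        print(f"{platform}/{handle}: {issue}")
    print("common thread:", common_thread(run))
```

Scheduling this against a live export, and paging on any `2fa_disabled` finding, turns the one-off check into the automated enforcement the quote calls for.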

Second, marketers need to be proactive and vocal with security teams in expressing their needs when it comes to efficiently and securely managing access to their social accounts, Chiodi said.

“If this second step is not done, security teams will often default to their standard sets of tools, like PIM/PAM and password managers, and marketing teams will be left with a solution that is at the least more painful and, at the worst, no more secure than when they started,” he added.
