According to an 80-page complaint, which was filed with the Securities and Exchange Commission on July 6 by a whistleblower, Twitter is vulnerable to foreign government exploitation that threatens US national security.
The whistleblower, Peiter “Mudge” Zatko, reported his accusations and the report was publicized by CNN and The Washington Post on Tuesday, August 23.
Zatko is accusing Twitter of making false and/or misleading statements about its security practices, and is lying to Elon Musk about fake accounts.
According to Zatko, who served as head of security for Twitter from November 2020 until his termination in January 2022, Twitter’s alleged negligence in controlling potential cybersecurity has exposed Twitter to risks from foreign adversaries. Zatko, considered to be a cybersecurity expert, has also worked for Google, Stripe and the Defense Department.
Zatko reported that Twitter was taking money from Chinese sources influencing the platform, and was compromising with Russians demanding censorship and surveillance. He alleges that top Twitter company executives, including the Chief Executive Officer, Parag Agrawal, have been or are currently exposing Twitter users and employees to substantial risks.
When questioned by the news media, a Twitter spokesperson said Zatko’s allegations are “riddled with inconsistencies and inaccuracies, and lacks important context.”
Zatko accuses Twitter of covering up the company’s security vulnerability and betraying its users.
The Congress and the Defense Department have also been issued the report of Zatko’s allegations. Some information was redacted to omit sensitive classified security information.
The whistleblower also alleges that a Twitter employee, or employees, were working for foreign government intelligence agencies and that Twitter execs were aware of this.
Zatko’s disclosure shockingly alleges that Chief Executive Officer Agrawal, who was the chief technology officer in the months right before Russia invaded Ukraine, was willing to make concessions to Russia. According to Zatko, Agrawal asked Zatko to comply with Russia’s requests that would have major influence on censorship and surveillance on the platform. The accusation is related to a law Russia passed in 2021 that pressured technology platforms to open offices in Russia or lose advertising revenue. Zatko drew the conclusion that Agrawal was willing to collude with Russia in order to pursue growth of the company.
“The fact that Twitter’s current CEO even suggested Twitter become complicit with the Putin regime is cause for concern about Twitter’s effects on U.S. national security,” Zatko’s disclosure says.
The report also talks about China and says that Twitter has accepted money from “Chinese entities,” and by doing so, they were endangering some users in China.
The disclosure accuses Twitter of cybersecurity risks because, put simply, its employees have too much data that is not controlled and can be compromised. An example of risk on an employee’s computer is the installment of unauthorized spyware at the request of outside groups.
Twitter has defended itself and denied some of the allegations, saying that their security procedures are up to date and efficient. Parag Agrawal claims that Zatko is
presenting a false narrative about Twitter’s security due to being terminated for his poor performance.
Many experts in the cybersecurity field have spoken out in defense of Zatko and have praised his abilities.