Recent Twitter hacks done this spring by a group called the Syrian Electronic Army (SEA) on the Associated Press and The Onion have brought attention to the vulnerability of a media organization’s social media account.

In the case of the AP, which has more than two million Twitter followers, or any mass media brand for that matter, a damaging tweet can have a profound impact. When the SEA took control of the AP’s Twitter account and tweeted that President Barack Obama had been injured in an explosion at the White House, it caused the U.S. stock market to temporarily lose $200 million in value, The Wall Street Journal reported.

The AP was lucky because it was able to inform readers within 10 minutes that it had been hacked. Additionally, it had one of its White House reporters, who was already going into a press conference at the White House, inform the White House press corps at that meeting that the tweet was fake. At the meeting, White House officials also confirmed that the President was indeed alive and well.

How a Twitter Hack Happens
In early May, the Twitter account belonging to satirical news site The Onion was also hacked—once again by the SEA. True to form, while The Onion took immediate steps to respond internally to the problem, it joked about it to its followers and posted a detailed synopsis on how exactly the hack happened.

The SEA “phished Onion employees’ Google Apps accounts via 3 separate methods,” said The Onion. Here is a brief synopsis of the event:

1. The SEA sent fake news links to journalists at The Onion. The link appeared to be a Washington Post story about the brand but was actually bait to get employees to enter their Google Apps credentials. Only a few employees received the links in order to deflect suspicion.

2. The Onion sent an email to all employees asking them to change their passwords. Unbeknownst to them, the attacker had access to one of these accounts and sent a duplicate email, which included a link to a phishing page that was made to look like a password-reset link. The members of the IT team were left out of this exchange so the attackers could proceed unnoticed.

3. Since The Onion is a satirical news site, they made light of these events by posting articles like “Syrian Electronic Army Has A little Fun Before Inevitable Upcoming Deaths At Hands of Rebels.” This antagonized the attackers, who began broadcasting editorial emails on their Twitter account. Once the brand realized this it responded by asking everyone in the company to reset their Google Apps account passwords because they could not determine the source of the breach.

In a May 8th post, The Onion detailed what it views as meaningful prevention strategies:

• Make sure that your users are educated, and that they are suspicious of all links that ask them to log in, regardless of the sender.

• The email addresses for your twitter accounts should be on a system that is isolated from your organization’s normal email. This will make your Twitter accounts virtually invulnerable to phishing (providing that you’re using unique, strong passwords for every account).

• All Twitter activity should go through an app of some kind, such as HootSuite. Restricting password-based access to your accounts prevents a hacker from taking total ownership, which takes much longer to rectify.

• If possible, have a way to reach out to all of your users outside of their organizational email.