While there is no doubt that social media companies need to spend more on security—there is no law regarding this as of now—platforms also need to have contingency plans ready.
On Monday, Twitter faced its biggest hacking attack ever, with $100,000 being swindled by fraudsters within a few hours, and Twitter having to suspend services for some time. Although the source of the attack is not known and Twitter is yet to announce whether it was a vulnerability in the system that led to the attack, given the extent of the attack, it is clear that hackers somehow got control of Twitter’s internal servers to initiate the attack. Several prominent accounts, like @Apple and @Uber, apart from @BarackObama and @elonmusk, started tweeting about doubling money within 30 minutes if people clicked on a link and paid to purchase bitcoins. Even when Twitter deleted such tweets, the accounts tweeted again within minutes.
While there is no doubt that social media companies need to spend more on security—there is no law regarding this as of now—platforms also need to have contingency plans ready. The Verge reports that shutting down of service also meant confusion regarding tornado warning. National Weather Service in Lincoln, Illinois, had tweeted a tornado warning before going dark, and could not update account because of the shutdown. As social media platforms are also used as warning systems, and for publication of news, they need to be extra careful with security. But the US is not the only country to have lax laws for cybersecurity. India is still to come out with a national cybersecurity policy or mandate companies to do such checks. As more people adjust to online activities, there is a need to look at cybersecurity as a necessary spend.