US military Twitter account hacked
The Twitter account for Centcom, the USA’s central military command, was hacked last night by a group claiming to be affiliated with the self-proclaimed Islamic State, also known as ISIS.
The cyber-jihadis claimed the hack was in response to the killing of their “brothers” in Iraq, Syria and Afghanistan, and warned American soldiers to “watch [their] backs”.
The group also claimed to have gained access to the personal devices of an unspecified number of high-ranking US military officials.
In a statement posted on the hijacked account, the group said: “You’ll see no mercy infidels. ISIS is already here, we are in your PCs in each military base. We know everything about you, your wives and children.”
The perpetrators also posted details of what they claimed were “confidential data from [military personnel’s] mobile devices”, as well as including what appeared to be a cyber-wargame involving an attack by China against the Pentagon’s networks.
As time progressed, however, it became evident that much, if not all, of the material published was, in fact, already in the public domain.
Pentagon spokesman army colonel Steve Warren told Reuters the US Defense Department “views this as little more than a prank, or as vandalism”.
“It’s inconvenient, it’s an annoyance but in no way is any sensitive or classified information compromised,” said Warren.
Another unnamed source in the military denied the hackers’ claims that internal networks were affected, adding “there was no operational impact”.
Whether through luck or planning, the attack came at a potentially embarrassing time for the US government, however, as president Barack Obama was giving a speech on cyber security and the dangers posed by hacking to national security at the time.
US military Twitter account hacked: Analysis
While it’s natural for the victims of hacking to try and play down any attack as much as possible, the US government’s assertion that this is “little more than a prank” and reassurances that this isn’t a serious data breach do seem to be valid.
While attacks like this generate a lot of publicity, because they are so visible, the really big attacks take place in silence and often the public will know nothing about it. These are the kinds of attacks that governments and companies are really worried about – a social media hijacking may be an egg-on-face moment, especially if it turns out to be because of a weak password or poor password management, but it’s small fry compared to what goes on beneath the surface.