CENTCOM's Twitter account hacked by Islamic State supporters
At first glance, the words were chilling.
"AMERICAN SOLDIERS, WE ARE COMING, WATCH YOUR BACK! " read one tweet.
Another tweet read: "We won't stop! We know everything about you, your wives and children."
Hackers claiming to support the Islamic State group seized control of the social media sites for U.S. Central Command on Monday afternoon, including Twitter and YouTube. They posted a spate of threatening remarks along with seemingly sensitive documents revealing contact information for general officers and maps about a potential war with China and North Korea.
In a news release issued Monday evening, CENTCOM officials said "we are notifying appropriate DoD and law enforcement authorities about the potential release of personally identifiable information and will take appropriate steps to ensure any individuals potentially affected are notified as quickly as possible."
The group, which calls itself the Cyber Caliphate, took control of CENTCOM's Twitter account about 12:45 p.m. on Monday. CENTCOM's Twitter account was suspended as of early Monday afternoon East Coast time.
Upon closer inspection, the documents revealed did not contain highly classified material and the biggest impact may be limited beyond some obvious public humiliation.
"It's embarrassing as all get-out for CENTCOM," said Matthew Aid, a cybersecurity expert, in an interview Monday afternoon.
"It looks like rather low-level classified documents," said Aid, who is the author of "Intel Wars: The Secret History of the Flight Against Terror." Nevertheless, Aid said, "They came off a protected network. Regardless of the low level of sensitivity, the fact that it was done should scare the crap out of people.
"The question is: Where did they get this stuff? Did they hack CENTCOM and get this stuff or did they hack this material from some other site and just post it?" Aid said.
A Pentagon spokesman emphasized that Twitter is responsible for security on its own site and CENTCOM only maintains an account with a user name and a password, just like thousands of other users.
"CENTCOM did not get hacked," said Army Col. Steve Warren, a Pentagon spokesman.
"This is little more, in our view, than a cyber-prank. It's an annoyance. We wish it wouldn't happen because we have to spend our time on it. But it in no way compromises our operations in any way shape or form."
Warren downplayed the sensitivity of the documents revealed and said there is no sign that they were obtained through a hack.
"Right now there's no evidence that any DoD systems or any DoD networks have ben compromised or breached," Warren said.
But Aid noted that the lag time between the hack and CENTCOM's suspension of the account suggests the Florida-based command was not keeping close tabs on its social media account.
"They should have done a better job of monitoring their own site. According to what I was reading, this stuff was on their site for 35 or 45 minutes before it was suspended. Someone should have been on top of that," Aid said.
The " Cyber Caliphate" hacked the websites of several regional news outlets in early January, including the Albuquerque Journal in New Mexico and a TV station in Salisbury, Maryland. An FBI agent in New Mexico said federal agents were looking into the matter, according to news reports.
By Andrew Tilghman and Jeff Schogol
Article tiré de MilitaryTimes.com (États-Unis)
Article relayé par A.L.