A hacker group which calls itself CyberCaliphate, which claims to work on behalf of Islamic State militants, seized control of Twitter and YouTube accounts belonging to the United States Central Command (CENTCOM) on Monday. In regards to the hack, U.S. Central Command issued a statement on their website which read:
Earlier today, U.S. Central Command’s Twitter and YouTube sites were compromised for approximately 30 minutes. These sites reside on commercial, non-Defense Department servers and both sites have been temporarily taken offline while we look into the incident further. CENTCOM’s operational military networks were not compromised and there was no operational impact to U.S. Central Command. CENTCOM will restore service to its Twitter and YouTube accounts as quickly as possible. We are viewing this purely as a case of cybervandalism.
The Pentagon swiftly suspended the compromised social network accounts and indicated that it appears as if “no classified material was breached,” The Associated Press reported via ABC News.
CyberCaliphate appears to be the same group of hackers that the FBI has been investigating for the hijacking of various Twitter accounts last month. The compromised accounts belong to media outlets, including a television state in Maryland and a newspaper in New Mexico. The FBI has opened an investigation into the hacking of the Central Command’s Twitter and YouTube accounts and is working with the Pentagon in order to determine the scope of the breach, FBI spokesman Joshua Campbell indicated.
The Twitter hack resulted in tweets from CENTCOM’s account containing what appeared to be lists of names, phone numbers, and personal e-mail addresses belonging to military personnel. The tweets also included PowerPoint slides, maps, and threats such as one directed at America’s soldiers in which the culprits told them to watch their backs.
American soldiers, we are coming, watch your back.
Officials are notifying law enforcement in regards to the possible release of personal information.
Defense officials indicated on Monday that they have been in contact with the FBI and that the group’s prior intrusions has raised questions whether the hackers have any real connection to the Islamic State of Iraq and the Levant (ISIL/ISIS).
ISIS is currently under attack in Syria and Iraq by the United States and coalition forces.
Although most of the material was labeled “FUOU,” which translates into “For Official Use Only,” none of it appeared to be sensitive or classified information. The U.S. Central Command indicated that none of the information and documents published were from the command’s Internet servers or social media sites. The breach does not appear to have affected CENTCOM’s operational and military networks, as it appears to have been limited to the commercial, non-Defense Department Internet servers belonging to Twitter and YouTube.
A Pentagon spokesman, Colonel Steve Warren, called the attack “little more than a prank” which was “inconvenient” and annoying.
This is little more than a prank or vandalism. It’s inconvenient and it’s an annoyance. But that’s all it is […] It in no way compromises our operations in any way shape or form.
Warren indicated that officials at the Pentagon are in contact with both Twitter as well as YouTube to ensure military passwords and other security for such public websites are adequate.
One of the slides published by the hackers appears to have been developed by MIT’s Lincoln Laboratory, which is a federally funded research and development center focused on national security. The slides appeared to depict conflict scenarios with North Korea and China. The origins of the document and date upon which they were taken were unclear, as some of the information may have been as much as a year old.
When the hackers took hold of the military command’s Twitter account, they changed the title to read “CyberCaliphate” and the underline to read “i love you isis.” The broader message, essentially a threat, referred to the ongoing airstrikes against ISIS in Iraq and Syria.
We broke into your networks and personal devices and know everything about you. You’ll see no mercy infidels. ISIS is already here, we are in your PCs, in each military base.
House Homeland Security Committee Chairman Michael McCaul issued a statement in which the Texas republican called the intrusion “severely disturbing” and indicated that attacks of this nature would become increasingly common “unless the administration develops a strategy for appropriately responding to these cyberattacks,” CNN reported.
Reuters reported that the U.S. counterintelligence agency joined Twitter on Monday, just hours before news of CENTCOM’s hacked Twitter and YouTube accounts. The National Counterintelligence and Security Center (NCSC) was formed late last year by James Clapper, the U.S. Director of National Intelligence. In the newly formed agency’s inaugural tweet, the agency tweeted in what appeared to be a somewhat comedic fashion that they had joined Twitter and that they had “said too much already!”
The National Counterintelligence and Security Center (NCSC) joins Twitter…we've said too much already! @DNIgov
— NCSC (@NCSCgov) January 12, 2015
How do you think CENTCOM’s YouTube and Twitter accounts were compromised? Could the hackers have discovered login servers without rate limiting which allowed them to effectively crack the passwords to these accounts?