Hackers took control over the US Central Command’s Twitter and YouTube accounts, and have claimed to have gained access to confidential military documents. The hackers, who are calling themselves the CyberCaliphate, and are also claiming to be affiliated with Islamic State.
The social media accounts were compromised late on Monday, with the hackers quickly using the access to post pro-IS videos and leak their stolen military documents. However, the Pentagon noticed the breach and quickly shut down both accounts to regain control.
Officials were quick to point out that the information released by the hackers is not actually confidential. Most of it is already publicly available, such as a list of retired army generals and an assessment of North Korea’s military readiness. It is unknown if the hackers had managed to retrieve any secrets or sensitive information, but that does not appear to be the case yet.
The Wall Street Journal notes that it wouldn’t have been too hard to hack both the Twitter and Youtube accounts as few safeguards were in place. Hackers are likely to have simply used a brute force approach and guessed the weak password. No additional security checks were in place, and measures like two-stage authentication were not implemented. In fact, the email associated with the accounts was linked to an individual and had not used an official government email.
In other words, it wouldn’t have taken too much effort for just about anyone to gain access to the military’s Twitter and YouTube as it was about as secure as any other clueless user. The vulnerability of the social media accounts is leading investigators to believe that the hackers are simply using the IS connection as a cover for their activities, and it is more likely that these are individuals acting on their own.
The White House has downplayed the impact of the cyber-attack, with officials saying that there is a huge difference between a large data breach and the hacking of a Twitter account.
[Source: Wall Street Journal]