U.S. Military Twitter Account Hacked With Jihadist Messages

Updated on
Photograph: Bloomberg

The Twitter and YouTube accounts of the U.S. Central Command were compromised with messages supporting Islamic State, in a hacking attack the Pentagon dismissed as a prank.

The attack was confirmed by Central Command, which oversees U.S. military operations in the Middle East including the fight against Islamic State extremists. Both accounts were suspended Monday after about 30 minutes, according to a statement, and the command’s own website wasn’t affected.

The Defense Department “views this as little more than a prank or vandalism,” Army Colonel Steve Warren, a Pentagon spokesman, told reporters. “It’s inconvenient, it’s an annoyance,” but “in no way” has “any sensitive or classified information been compromised.”

The attack was the latest in a growing number of hacking incidents affecting government networks, websites and social-media outlets. Reported breaches on federal computer systems increased to 46,605 in 2013 from 26,942 in 2009, according to the U.S. Computer Emergency Readiness Team.

The hacking by unknown attackers came within days of terrorist attacks in France in which gunmen claiming ties to Islamic State and al-Qaeda in the Arabian Peninsula killed 17 people.

Feeds posted to Central Command’s Twitter account read: “American soldiers, we are coming, watch your back,” and “In the name of Allah, the Most Gracious, the Most Merciful, the CyberCaliphate continues its CyberJihad.”

FBI Inquiry

The incident took place as President Barack Obama was speaking in Washington about his administration’s push to strengthen cybersecurity and bolster consumer protections from data breaches.

White House spokesman Josh Earnest said Monday at a briefing that there’s a difference “between a large data breach and the hacking of a Twitter account.”

The Federal Bureau of Investigation is “investigating the recent intrusion involving CENTCOM social-media accounts and continues to work with the Department of Defense in order to determine the nature and scope of this incident,” FBI spokesman Joshua Campbell said in an e-mail.

The attackers called themselves the CyberCaliphate, operating “under the auspices of ISIS,” an acronym for Islamic State’s former name. They temporarily filled Central Command’s Twitter site with threatening messages and crude attempts to suggest an infiltration of classified networks.

Rosters Posted

One posting was labeled “Pentagon Networks Hacked! China Scenarios,” accompanied by maps of China. That material and a similar posting on North Korea actually were lifted from nongovernment, publicly available websites.

The hackers also posted rosters of U.S. personnel, including contact information for three Army commands and a roster of retired Army generals. That information came from pages of phone numbers on publicly available Pentagon websites.

The rosters were accompanied by warning messages such as “We won’t stop! We know everything about you, your wives and children.”

Although the Pentagon played down the incident, the ability of hackers to compromise official accounts “is an escalation that should cause concern for the U.S. government,” said Ken Westin, senior security analyst at Tripwire Inc., a cybersecurity company based in Portland, Oregon.

“The fact they were able to compromise the accounts should force the government to re-evaluate their security policies when it comes to social media,” Westin said in an e-mail.

Twitter Helping

The Pentagon requested assistance with an account security issue and Twitter Inc. is working to help resolve it, the San Francisco-based company said in an e-mailed statement. Zayna Aston, a spokeswoman for Mountain View, California-based Google Inc., which owns YouTube, had no comment.

While the hackers reached only social-media accounts, not government websites or networks, such attacks can incite panic and cause damage.

A 2013 attack of the Twitter account of the Associated Press featuring an erroneous posting about explosions at the White House triggered a stock-market decline.

That incident prompted Twitter to bolster its security by offering a two-step authentication process, making it harder for outsiders to gain access to an account. In addition to a password, the security measure requires a code sent via text message to a user’s mobile phone, or generated on a device or software.

Multiple Users

Twitter and YouTube accounts for large organizations such as the military are more difficult to manage because dozens of people usually need log-in credentials, said Jeff Williams, co-founder and chief technology officer at Contrast Security, a software security company based in Palo Alto, California.

For that reason, it’s doubtful that Central Command used two-factor authentication, Williams said in an e-mail.

Asked about the hacking attack, Air Force Colonel Patrick S. Ryder, a spokesman for the Tampa, Florida-based Central Command, said in an e-mail, “We are taking appropriate measures to address the matter.” He said he had no further information.

The FBI opened investigations in November into hacking attacks on the State Department and Postal Service that raised questions about the risk of espionage.

The attack on the State Department last year forced officials to temporarily disable part of the agency’s e-mail system.

France Rallies

The Central Command hacking occurred a day after more than 3.7 million people marched in rallies across France with world leaders in a show of solidarity against the nation’s worst terrorist attack since the 1960’s. The attacks claimed 17 lives as gunmen who said they were aligned with radical Sunni extremist groups killed workers at a satirical magazine and a Kosher grocery store.

France is deploying about 15,000 security personnel at sensitive sites across the country, including Jewish schools, as a hunt began for possible accomplices. The search was prompted in part by a seven-minute video with one of the gunmen declaring allegiance to the Islamic State.

The video had a banner detailing the killing of four people at a kosher grocery where the gunman was shot dead by the police, showing it was edited and posted after his death.

Before it's here, it's on the Bloomberg Terminal. LEARN MORE