THE TWITTER and YouTube sites for the US military’s Central Command are back online after being taken over by hackers claiming to support the Islamic State militant group, and Pentagon officials are reviewing some security protocols in the wake of the breach.
Colonel Steve Warren, a Pentagon spokesman, said yesterday it is too soon to tell who the hackers are and where they got some of the official documents they placed on Central Command’s Twitter feed.
The documents included some personal phone numbers and email addresses and a few slides that were prepared by an independent research group.
The US Central Command covers 20 nations from the Persian Gulf to Central Asia.
Defence Secretary Chuck Hagel, visiting Whiteman Air Force Base, Missouri, said the hack “was a violation, it wasn’t a big deal. But it shows you, it reminds you, once again, of how dangerous these different groups are and how capable they are”.
CONNECT WITH THE SCOTSMAN
• Subscribe to our daily newsletter (requires registration) and get the latest news, sport and business headlines delivered to your inbox every morning
The hacker group, calling itself CyberCaliphate, was already under FBI investigation for incursions into the Twitter feeds or websites of media outlets in New Mexico and Maryland, prompting officials to question whether the group has any real affiliation with the Islamic State militants. The US and other partner nations have been launching airstrikes against Islamic State insurgents and locations across Iraq and Syria since last summer.
The Pentagon called the breaches an annoying prank and said they did not affect military networks or access classified or operational data.
Col Warren said yesterday the Defence Department has not issued a broad instruction to change or update its password and verification profiles on the social media sites. But he said accounts within the office of the secretary of defence, which includes Pentagon press operations, have made passwords and security changes in more than 50 accounts.
The Defence Department has thousands of social media accounts across all the military services, commands and bases.
US Central Command Twitter accounts in English and Arabic and the YouTube site were quickly removed from the web about a half hour after the breach, and were back online late on Monday night.
FBI spokesman Joshua Campbell said the bureau is investigating the Central Command Twitter and YouTube breaches and is working with the Pentagon to determine the scope of the incident.
The Central Command Twitter site was filled with threats that said “American soldiers, we are coming, watch your back”. Other postings appeared to list names, phone numbers and personal email addresses of military personnel, as well as PowerPoint slides and maps.
Most of the material was labeled “FOUO”, which means “For Official Use Only”, but none of it appeared to be classified or sensitive information. US Central Command said that none of the information and documents posted on the hacked site were from the command’s internet servers or social media sites. The breach only affected the Twitter and YouTube sites, which reside on commercial, non-Defence Department internet servers.
One of the documents appeared to be slides developed by the Massachusetts Institute of Technology’s Lincoln Laboratory, a federally funded research and development centre focused on national security. The slides appeared to depict what it called “scenarios” for conflict with North Korea and China. It is unclear where the documents came from or how long ago they might have been taken, since some of the information was as much as a year old. The tweets came shortly after US Central Command posted its own tweets about the US and partner nations continuing to attack Islamic State terrorists in Iraq and Syria and one repeating a report that said France will deploy an aircraft carrier to the fight.