Hackers possibly linked to Islamic State hijack Pentagon social media accounts

Hackers claiming to be aligned with Islamic State take over U.S. military social media accounts

The Pentagon is investigating how hackers claiming to be aligned with Islamic State took over U.S. military social media accounts Monday and released more than half a dozen documents, some with the home addresses of retired generals.

The invasion of Twitter and YouTube accounts prompted the Pentagon to temporarily shut them down, shore up security and examine how the group, which called itself the CyberCaliphate, had gained such access.

The Pentagon, the FBI and other law enforcement authorities were working to determine the nature and scope of the hack of accounts belonging to U.S. Central Command, which oversees the battle against Islamic State militants across Iraq and Syria, and were notifying those whose personal information was disclosed.

None of the released documents contained classified information, and Central Command said its operational military networks were not compromised.

“We are viewing this purely as a case of cybervandalism,” the command said, adding that service to both accounts would be restored “as quickly as possible.”

The accounts were hacked while President Obama gave a speech in Washington that emphasized beefing up cybersecurity for online shoppers and redoubling efforts to guard against massive data breaches.

Within minutes of peculiar messages appearing on Central Command’s Twitter account, a tweet was published showing an apparently legitimate internal Defense Department list of retired generals, with personal email accounts and home addresses, including David H. Petraeus, Stanley McChrystal and dozens of other former senior officers.

The posts also contained what appeared to be documents from a military exercise involving U.S. forces in South Korea, and one from a federally funded think tank at MIT.

“ISIS is already here, we’re in your PCs, in each military base,” one of the messages read, using an acronym for the Sunni extremist group. “We wont stop! We know everything about you, your wives and children. U.S. soldiers! We’re watching you!”

Islamic State militant videos also began to appear on Central Command’s YouTube channel, including a high-production-value propaganda film, “The Flames of War,” that was released last year.

In addition, photos of U.S. military personnel and Central Command’s insignia that appear on the social media accounts were swapped out for black backgrounds and the message, “i love you isis,” with a black flag associated with Islamic State militants in Syria and Iraq and an image of a militant wearing a checkered scarf.

The Pentagon took down both accounts within half an hour, confirming they had been compromised. The Defense Department said no sensitive information was stolen from its servers.

A Twitter spokesperson confirmed that the Pentagon had requested the company’s assistance on an “account security issue,” but wouldn’t say anything further. Late Monday evening, Central Command’s Twitter account was restored.

Such attacks will become more common unless a strategy is developed to respond, said Rep. Michael McCaul (R-Texas), chairman of the House Committee on Homeland Security. He pointed to the recent hack against Sony Pictures Entertainment in which hundreds of documents were released containing employees’ Social Security numbers and embarrassing emails from executives.

“Without laying out the rules of the game for offensive responses and having direct consequences, cyber threats and intrusions from our adversaries will continue and escalate,” McCaul said.

Peter W. Singer, coauthor of the book “Cybersecurity and Cyberwar,” said the hack on Central Command was embarrassing but not dangerous.

The attack is yet another propaganda tool for Islamic State, which produces slick online videos and other media to recruit younger, Web-savvy members, he said.

“Hackers were able to seize Central Command’s social media megaphone,” Singer said. “That’s disappointing, but it isn’t putting anyone’s life at risk.”

CyberCaliphate, the group that claimed responsibility, was also the name of a group behind similar hacks last week on Twitter accounts for the Albuquerque Journal in New Mexico and WBOC, a TV station on Maryland’s Eastern Shore.

The hackers in that incident posted what appeared to be confidential documents, including driver's licenses, corrections records and spreadsheets with hundreds of names and addresses.

william.hennigan@latimes.com

david.cloud@latimes.com

Copyright © 2016, Los Angeles Times

UPDATES

8:13 a.m. Jan. 13: This story was updated with information that Central Command's Twitter account has been restored. 

5:35 p.m.: The story was updated throughout with new details.

4:27 p.m.: The story was updated with the Defense Department saying that no sensitive information had been stolen from its servers. 

11:23 a.m.: The story was updated with comments from the White House.

The story was originally posted at 10:49 a.m.

 

65°