(PIX11) – Pro-ISIS hackers appear to have taken over the U.S. military’s Central Command Twitter account Monday.
Around 12:30 p.m., the hackers tweeted, “AMERICAN SOLDIERS, WE ARE COMING, WATCH YOUR BACK. ISIS.” Whoever infiltrated the account claims “we broke into your networks and personal devices and know everything about you. You’ll see no mercy infidels. ISIS is already here, we are in your PCs, in each military base.”
The words “CyberCaliphate” and “i love you isis” appear on the profile along with a black-and-white image of someone dressed in a Keffiyeh.
The group also published alleged screen shots of a roster containing the names, addresses and telephone numbers of retired army officers and other Pentagon documents.
A U.S. defense official confirmed the attack to CNN Monday, saying, “We can confirm that the U.S. Central Command Twitter account was compromised earlier today. CENTCOM is taking appropriate measures to address the matter.”
The social media takeover came shortly after President Obama spoke about new cybersecurity legislation designed to protect the digital privacy of Americans.
The account was suspended roughly 40 minutes after it was compromised. Hackers also took control of U.S. Central Command’s YouTube channel and appear to have uploaded two videos — one depicting the death of U.S. soldiers in a trailer for a film titled “Flames of War,” and another called “O Soldiers of Truth Go Forth.”
The Central Command Facebook page appears to still be intact.
In a similar attack, hackers took over the Twitter account of a local news station in Maryland last week, Delmarva’s news leader, WBOC TV16 has not regained control over the account since it was compromised on January 6th.
Hackers tweeting from @WBOC claim to have hacked FBI databases and allegedly tweeted screenshots of confidential warrant information and mugshots.
Despite losing control of its Twitter account, WBOC is reporting the story on its website with the following message:
“Last Tuesday, WBOC’s website and Twitter page became the victims of a cyber attack by the “CyberCaliphate.” WBOC took back control of the website shortly after the attack but the station’s Twitter page remains compromised.”
The Albuquerque Journal also reported that the station’s Twitter account had been compromised by a pro-ISIS group.
Using the site’s profile, someone tweeted, “With Allah’s permission we began with New-Mexico and we are in Tennessee now. We hacked FBI databases. #CyberCaliphate . . . INFIDELS, NEW YEAR WILL MAKE YOU SUFFER.”
Interview Transcript:
JAY: The announcement was certainly flashy. ISIS propaganda videos playing on CENTCOM's YouTube channel, threatening anti-American posts on CENTCOM's Twitter feed. "ISIS is already here, we are in your PCs, in each military base." Hijacking the social media accounts of the US Military command responsible for 20 countries in the Middle East, including Afghanistan and Iraq was meant to send a message. But cyber security expert Raj Goel says unlike the recent Paris terrorist attacks in the world of cyber terrorism things are not always as they seem.
RAJ: We don't know if it's ISIS or it's someone pretending to be ISIS. It could be a 12-year old kid in Montreal, or Saudi Arabia, or Florida.
JAY: Goel says we should not be surprised about this or even more extreme cyber attacks. Listen to former US Defense Secretary Leon Panetta expressing his concern back in 2011 for what we're seeing today.
LEON: It's often said that there's a strong likelihood that the next Pearl Harbor that we confront could very well be a cyber attack.
JAY: The White House while concerned over the CENTCOM security breach is not hitting the panic button just yet.
SPEAKER: If I can tell you this is something that we're obviously looking into and something that we take seriously. However, a note of caution to folks as they're covering this story, there's a significant difference between what is a large data breach and the hacking of a Twitter account.
JAY: The breach occurred at around the same time President Obama delivered a speech on the need for greater cyber security. So if you are sitting at home wondering what to make of the news that ISIS allegedly hacked into CENTCOM, cyber security Goel reminds us that as is the case even at CENTCOM, social media accounts, in fact all private accounts are secured by cyber security's weakest link, humans.
RAJ: Humans have always been the weak link. As a security professional I don't break computers, they're too damn hard, I break people. And any good attacker goes after people first. People are notoriously easy at picking weak passwords. They have certain habits you can profile over time. Humans will always be the weakest link, and this is not in my opinion a cyber war story, this is a cyber vandalism story.
JAY: John and Tamsen, this breach may not have been so much about taking over a Twitter feed and YouTube channel but could easily be taken as a warning from whoever is responsible that stealing a username and password is just a preview of what they're capable of.