12 Jan 2015

US Central Command accounts hacked by ‘CyberCaliphate’

Hackers aligned to Islamic State militants have hacked the Twitter and YouTube account of the US Army’s Central Command and posted what it claims are the home addresses of US generals and army chiefs.

Hackers aligned to Islamic State militants have hacked the Twitter account of the US armed forces’ Central Command and seem to have posted private information of US army generals.

The hackers seem to have taken control of the US Department of Defence’s @CentCom account, which is a legitimate account linked to from centcom.mil, the official US Army’s website.

They have used the account to post what appears to be sensitive information, but which a number of commentators have said is old material, and some of which is available on public websites, such as this map of North Korean’s nuclear facilities.

In a statement posted online the group stated: “Pentagon networks hacked AMERICAN SOLDIERS, WE ARE COMING, WATCH YOUR BACK. ISIS. #CyberCaliphate”

“In the name of Allah, the Most Gracious, the Most Merciful, the CyberCaliphate under the auspices of ISIS continues its CyberJihad.”

“While the US and its satellites kill our brothers in Syria, Iraq and Afghanistan we broke into your networks and personal devices and know everything about you.”

“We won’t stop! We know everything about you, your wives and children. U.S. soldiers! We’re watching you!”

The @CentCom account has now been suspended by Twitter, but the account hack comes on the same day that President Obama was tweeting about his speech on cyber-security at the Federal Trade Commission.

Pentagon officials have told NBC News that the CENTCOM hack is embarassing “but not a security threat.”

Attack scenarios

The group posted images of what it claims are combat theatre scenarios for the military ability of various countries including China, Indonesia and North Korea.

In one of its “Intelligence Preparation of the Battlefield” it posted about North Korea, it states how many reservists North Korea can call upon.

In the undated release, it states military movements of weapons on a missile base, but it’s thought the some images are not up to date.

In the “China Scenario” that has been posted the various locations of different garrisons of the Chinese army are mapped, as are the nation’s “Shore based anti-access missile threat”.

Personal information

The group has posted information on the Twitter feed that appeared to display personal residential addresses of a number of generals in the US Army.

There is no way to confirm the hacked information is legitimate, but it is posted from a hacked account of the US Army.

The hack also appears to have leaked public and private email addresses of the some of the most senior members of the US Army, as well as a number that have retired.

Next to one tweet, the hackers state “We won’t stop! We know everything about you, your wives and children.”

After half an hour of tweets, the Twitter avatar of the group, which had been changed to an image of a jihadi with the words “cyber jihad” were changed back to the default, which indicates that US authorities was able to reset the account’s settings.

It’s unclear how much sensitive or confidential information has been released as a result of the attack.