US military's Twitter, YouTube account hacked is more an embarrassment than threat

The Twitter and YouTube accounts for the US military command that oversees operations in the Middle East were hacked on Monday by people claiming to be sympathetic toward the Islamic State militants. The US Central Command is based at MacDill Air Force Base in Florida and handles American military operations covering the Middle East and Central Asia. Currently it is managing the US air strikes against Islamic State in Iraq and Syria. While the YouTube account was filled with ISIS propaganda videos, on Twitter the ISIS hackers posted warnings to American soldiers and the US government. The YouTube account was hacked to add two videos titled “Flames of War ISIS Video” and “O Soldiers of Truth Go Forth.” Some of the tweets posted read: ISIS is already here, we are in your PCs, in each military base. (The tweet was followed by a picture of US women soldiers sitting near computers). AMERICAN SOLDIERS WE ARE COMING WATCH YOUR BACK. We won’t stop! We know everything about you, your wives and your children. Both these tweets were followed by a list of generals and addresses associated with them, titled “Army General Officer Public Roster (by rank) 2 January 2014” and a document titled ‘Revised army general roster.’ According to Re/code , the group also left a message on PasteBin which read, “AMERICAN SOLDIERS, WE ARE COMING, WATCH YOUR BACK. ISIS. #CyberCaliphate In the name of Allah, the Most Gracious, the Most Merciful, the CyberCaliphate under the auspices of ISIS continues its CyberJihad. While the US and its satellites kill our brothers in Syria, Iraq and Afghanistan we broke into your networks and personal devices and know everything about you. You’ll see no mercy infidels. ISIS is already here, we are in your PCs, in each military base. With Allah’s permission we are in CENTCOM now. We won’t stop! We know everything about you, your wives and children. U.S. soldiers! We’re watching you!” It was then followed by four links to a collection of documents on file-sharing sites. According to Reuters , which reviewed  some of the documents, these are all available by a simple Google search. The documents included the US Department of Defense’s “Estimated Impacts of Sequestration-Level Funding,” which is available on a public government website. Another document titled “Program Acquisition Cost by Weapon System” is a March 2014 document available on the website of the defense department’s comptroller. [caption id=“attachment_2043149” align=“alignleft” width=“380”] Screenshot of one of the tweets that was put up.[/caption] Also some of the slides posted in later tweets titled “China hacking scenario”, “North Korea hacking scenario” were apparently created by Lincoln Laboratory, a federally funded research center at the Massachusetts Institute of Technology that studies national security problems. They have not yet responded on how hackers got their hands on these slides. The US military has obviously sought to downplay these attacks. Pentagon spokesman Army Colonel Steve Warren told the press,  “It’s inconvenient, it’s an annoyance but in no way is any sensitive or classified information compromised.” But in private even US military officials admitted that this was embarrassing, notes the Reuters report. As far as the ‘hacking’ is concerned, there doesn’t appear to be any serious damage and it’s certainly not going to affect US operations in the Middle-East. But it definitely means some sniggering from the public and it won’t be surprising if memes, jokes soon start flooding the Internet. With the social media becoming ubiquitous (even CIA joined Twitter last year), for most agencies this is a new way to maintain a public image.  For starters, it sends out the signal that US military systems aren’t entirely foolproof and can be hacked, even if it is a simple Twitter account. While the US military is content to call the act “inconvenience,” the fact is that the accounts were ‘compromised’ for 30 minutes, which in the Twitter universe is enough for everyone to take screenshots and share the Tweets. Also you don’t expect any military organisation to lose control of their ‘official account’ for so long. Sure it’s nothing like the Sony Picture’s hacking, which revealed emails where Sony execs had mocked movie stars like Angelina Jolie, business deals , and pretty much ensured that the company was all set to cancel the release of The Interview, the film mocking North-Korea’s Kim Jong-un. But while North Korea was blamed for the Sony hacking and has firmly denied the charge, in the case of the US military ISIS supporters have openly come out to claim credit for defacing these Twitter and YouTube accounts. Where cyber-warfare is concerned, it is the new way to leave a mark and ISIS and its supporters haven’t shied away from using the Internet to spread their ideology. Case in point was the @ShamiWitness account, allegedly run by a techie in Bengaluru, and known to be one of the most prolific ISIS social media accounts. So when jihadist propaganda ends up on US military’s timeline, it looks extremely embarrassing, more so since the US is actively carrying out actual strikes against them in the Middle-East. For the US military, which is trying to stop the jihadists both in the real world and cyber world, the brief loss of a Twitter account is more than just embarrassing. It signals that in some way that ISIS supporters are capable of inflicting some damage (no matter how brief) to the Internet image of the US military, which isn’t a good sign. With inputs from Reuters