US Central Command says it will review its cyber security after hackers claiming to have links to ISIS hijacked two of its social media accounts.

US Central Command (Centcom) has dismissed the acts, which saw its YouTube and Twitter accounts briefly fall into the hands of hackers and used to distribute pro-ISIS messages as “cyber vandalism” and said that none of its military servers were compromised during the incident.

Centcom said it would not consider discontinuing its use of social media to further its aims however, a spokesman for military organisation conceded that a security review was necessary.

“As a matter of policy, we don’t discuss specific security measures, but as part of looking into this incident we will also evaluate our cyber security measures and take any necessary steps to improve security,” the Centcom spokesman said.

Twitter suspended Centcom’s account within an hour of its compromise but not before attackers replaced its profile image of a person cloaked in a black and white keffiyeh and the words“CyberCaliphate”.

“WE ARE COMING, WATCH YOUR BACK. ISIS,” the attackers warned in a letter addressed to US soldiers using Centacom’s compromised account.

“You'll see no mercy infidels. ISIS is already here, we are in your PCs, in each military base. With Allah's permission we are in CENTCOM now.

We won't stop! We know everything about you, your wives and children.

U.S. soldiers! We're watching you!” the letter continued in dramatic tones.

The attackers also used the account to draw attention to documents posted on the web in an attempt to give credence to their claims that they had breached Centcom military servers.

Read more: Now operational, Australian Cyber Security Centre soliciting incident reports

The documents, some of which appearing to be authored by MIT Lincoln Laboratory, were Microsoft PowerPoint presentations detailing US security concerns in North Korea, Indonesia, Central Africa, China and the Caspian Sea. The attackers extracted images of maps showing the location of nuclear sites and military targets from some of the presentations and posted them on Centcom’s Twitter feed.

Centcom said that the information was publicly available and did not come from its servers. However, it has contacted US law enforcement agencies over the hackers’ apparent release of personal details of military personnel in some of the documents.

“Our initial assessment is that no classified information was posted and that none of the information posted came from Centcom’s server or social media sites. Some of the information posted may have contained potential (personally identifiable information), so we notified appropriate (Department of Defense) and law enforcement authorities about its potential release and we'll take appropriate steps to ensure any individuals potentially affected are notified as quickly as possible,” Centcom’s spokesman said.

Centcom’s Twitter feed was restored shortly after midday yesterday. Its YouTube account was still suspended as of late yesterday evening Australia eastern daylight saving time.

Read more: Businesses, governments value local skills in joint malware fight: BAE SAI

David Vaile, executive director of the University of NSW’s Cyberspace Law and Policy Centre said that it was risky for military to use social media services designed for ease of use rather than secure communication for their official business.

Social media had become an effective low-cost and low-risk means for extremist and fringe groups to garner global political capital for their aims, Mr Vaile said.

“It’s a bit disturbing how willing much of the media seems to have been to cooperate in the glamorisation and promotion of what they’re up to,” Mr Vaile said before adding: “The degree of difficulty was actually quite low but they’ve got worldwide headlines. It’s more in the nature of social engineering of the media than an actual data breach. Even as a hoax, revealed quite quickly, it’s not enough to undo the effectiveness of feeding into the stream and having it propagate through the various networks”.

Sources close to the hacking incident said that it was unlikely that attackers had any genuine links to ISIS.

“I think we’re going to find that this was something else entirely,” the source said.

The hacking incident occurred as President Barrack Obama prepared to address the US Department of Homeland Security on a series of legislative proposals to tighten cyber security for private companies and government organisations.

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Upcoming IT Security Events

Feb 3rd, Feb 4th, Feb 6th 2015

Join @NirZuk #PaloAltoNetworks for Breakfast (lunch in Auckland) on keeping your enterprise safe from risk. Cyber attacks continue to increase in volume and sophistication leaving traditional security practices completely ineffective. 

Read more: ACSC goes silly on cybersecurity as public outreach campaign hits YouTube

Register Today Seats are limited

March 3rd, March 5th, March 9th 2015

Join CSO for the day@#csoperspectives and hear from @kimzetter @frankheidt

3 International Keynote speakers, 36 Key IT Security Industry Speaker, 21 Exhibitors, Security Analysts and many more.. Register today

Dont miss one of the biggest IT Security events in ANZ (registration is free, but seats are limited)

Join the CSO newsletter!

Error: Please check your email address.

Tags cybercaliphateUS Central commandISIS hijackedISIS hacktwitterpowerpointNSW’s Cyberspace Law and Policy Centresocial mediaCENTCOMattackers warnedcyber securityyoutube

More about CSOEnex TestLabIT SecurityMicrosoftMITUniversity of NSW

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Andrew Colley

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place