Yesterday afternoon supporters of the Islamic State hacked the Twitter and YouTube accounts of the U.S. Central Command (CENTCOM).
For about 40 minutes hackers were in control of CENTCOM’s social media accounts where they tweeted threats to U.S. service members and their families. Additionally, the hackers dumped files including employee directories and military maps. However, it turns out that all of the information the hackers posted was declassified and public information that can be accessed through simple Google searches.
Although the hackers only had brief control of the Twitter and YouTube pages and never had access to CENTCOM’s systems or data, it is still a propaganda boost for the terrorist organization. CENTCOM’s area of responsibility stretches from Egypt through the Levant, Arabian Peninsula, Persian Gulf, to Pakistan and up to Kazakhstan, which makes it the U.S. military command tasked with degrading and defeating the Islamic State.
The White House issued a press release stating that they are taking the matter seriously but stressed that the hackers never had access to Defense Department servers and there was no operational impact on CENTCOM. According to PoliticoPro, Ben Fitzgerald who is the Technology and National Security Program director at the Center for a New American Security stated, “The fact that this hack is inconsequential from a technical perspective is overshadowed by the easy and cheap win afforded to ISIS…Good username and password practices would likely have saved CENTCOM from this embarrassment. They should make sure to use 2 factor authentication in future.”