Analyzing The Central Command Twitter Account Hack
Central Command’s Twitter account was recently hacked by cyber vandals. This cyber attack appears to be specifically timed for its optimum public exposure. The hackers waited until the president of the United States publicly discussed cybersecurity with the American community. The hackers claim to have accessed Central Command’s private data and claim to have knowledge about Central Command’s employees and their families as well.
The cost of a data breach can be millions of dollars. In Central Command’s case, the hack was a big hit to their reputation. It is not certain if any military data was threatened.
But how do we effectively defend against a cyber attack?
Having an extremely strong password isn’t enough to protect against this type of data breach. It is important to understand that browsing the Internet alone can infect a computer with malware that logs all of your passwords. It doesn’t matter if you have a 50‑character password with random numbers and symbols. If there is malware on the endpoint, hackers can access all of your credentials and critical data. It is essential to have a solid security operations management plan and process, and to be proactive in defending against security incidents.
Never underestimate the adversary. CyberSponse is a comprehensive security operations management platform designed to proactively help your company prepare to defend against cyber attacks and quickly mitigate any damage caused by an attack. CyberSponse is an automated security management and control platform that will identify security incidents and help to quickly mitigate damage caused by threats. Contact CyberSponse and visit our website today to schedule a demo.
Cory Johnson: …on the very day, Phil, that the President’s talking about cybersecurity, this happens?
Phil Mallingly: Minutes, actually, after he finished speaking, Cory, was the first time people started noticing that Central Command’s Twitter account had been hacked by individuals or a group of individuals who say that they are sympathizers with the Islamic State. They say it’s part of a “Cyber Jihad.” They are part of a “Cyber Caliphate.”
Again, a lot of postings right now. We have a call into Central Command. No confirmation yet on what’s going on, but it’s clear that the account’s been hacked. It also looks like the YouTube account has also been hacked. Poor timing, when you think about the President’s remarks, what this week is all about for the White House, all about cybersecurity.
Also, I think some broader questions about what information they’re actually posting. It looked, at one point, like they were attempting to post addresses of military officers. Again, they’re saying that they’re posting purported military plans for specific countries like North Korea and China. Again, no confirmation on whether or not that’s actually the case.
Again, really poor timing, and I think something that, obviously, military officials would be concerned about, going forward. As you noted up top, Cory, this Central Command is the headquarters for all of the US activity against the Islamic State in Iraq and Syria right now. That’s the base in Tampa, Florida, where that’s all coming out of right now.
I think that’s probably the significance there. I think as you said, sympathizers with the Islamic State, purportedly, are who is behind this attack. At least that’s our initial word on it, Cory.
Cory: Phil, stay with us for just a minute here. Joe, let me ask you. Maybe I’m conspiracy‑theory‑oriented, but I tend to believe this kind of thing isn’t just poor timing, that there’s no coincidence here whatsoever. When you look at this, Joe, knowing what you do about cybercrime, does this look like it’s tied into the timing of the President’s remarks?
Joe Loomis: I think it’s a calculated approach. If you’re going to compromise an account, you think about when is the most ideal time to let the victim know about it, and what is going to be the biggest statement piece? Once they know that they’ve been had, the campaign only…It loses its luster, shortly thereafter.
It proves the point that these things are extremely calculated, and they’re also very patient. Just because they get into an account, it’s not because of just password strength, too.
People need to understand that browsing the Internet alone can infect your computer with malware that logs all of your passwords so that it doesn’t matter if you have a 50‑character password with random numbers and symbols. If they have malware on the endpoint, which is your laptop, desktop, they’re going to get all of those types of credentials. I think this is a demonstration of that.
Cory: Phil, do we know? ISIS is known to use social media as a recruiting tool and as a way to get their messages out, but their cyber capabilities, I don’t think, have been evidenced ever before.
Phil: Actually, it’s interesting, Cory. I was speaking with some senior Justice Department officials last month about their ability to actually engage in cyber warfare and some type of cyber attack on the United States. Senior Justice Department officials, prosecutors, FBI folks that have looked into this said, in no uncertain terms, they did not think they had that capability yet.
Obviously, this doesn’t – at least on its face – look to be anything of that nature. I think the biggest question and the biggest concern for federal authorities up to this point with the Islamic State were for propaganda purposes.
Obviously, they’ve shown extraordinary talent and extraordinary ability to reach individuals, to get individuals interested in the organization and to try and bring those individuals either over to Syria or to try and spur lone wolf types of attacks.
I think the idea that the Islamic State could ever reach the capability to actually conduct a cyber attack is really the worst fear for a lot of – at least US – cyber command, things of that nature. I think if this, in any way, shows that they are one step closer to that, or hints at that, right now, that would be considered a major problem for US officials.
I think it would take them a step further, that at least last month when I was talking to US officials, that they thought they had the capability of actually reaching.
Cory: Although, Joe, couldn’t this be just hackers trying to show off and not, indeed, ISIS in any way? Just using the threat of the day?
Joe: Yes, it’s absolutely possible, but we also have to not be naive in what the capability of the organization is. If a 15‑year‑old in his underwear in the basement of his mom’s house can be somewhat effective in being a black hat, I think that it’s a pretty fair statement to say that it doesn’t take a super rocket scientist in order to develop malware, when it’s commercially available out in the market.
You can either redeploy current campaigns that have worked and been successful before. We’ve seen that before with the Sony attack and regurgitation of malware. I really never underestimate the enemy, the old “Art of War” storyboard is “never underestimate” your enemy because their whole advantage of surprise is in the fact that they want to be, obviously, underestimated.
Cory: Here’s something that’s not a surprise. While we’ve been talking, the Pentagon has suspended the CentCom Twitter account…