CENTCOM Under Fire as Pro-ISIS Hackers Seize Twitter, YouTube Accounts

January 13, 2015
By: Steve Anderson

For anyone who's been on the Internet for any length of time, it's likely that person already knows someone who's had a Twitter, Facebook, or YouTube (News - Alert) account hacked. This time, everybody knows someone who's experienced that particular breach of cybersecurity, as well as a YouTube account, thanks to a recent move by pro-ISIS hackers who seized the Twitter (News - Alert) feeds and YouTube accounts of the U.S. Central Command (CENTCOM).

The hackers had control of the Twitter account for about 30 minutes, according to reports, before the account was taken down, but in that time, plenty of information went out including pro-ISIS messages (one message reportedly read “i love you isis”) as well as such things as the contact information of retired U.S. Army generals went out. Reportedly, the contact information was in many cases out of date, and none of it was classified, so it was more as if ISIS posted old photos of phone book pages. The YouTube channel, meanwhile, was subsequently hacked and saw two ISIS videos get posted.

Reports suggest the sites recovered quickly—a post on CENTCOM's Twitter feed noted “We're back!” not long after 10 p.m. Eastern, along with a link to a press release—and CENTCOM's YouTube channel appears to be back up and ISIS-free.

As for actual damage caused by this incident, it's really more a matter of a loss of face than anything else. It was once stated by popular science webcomic XKCD that, when the CIA's website is hacked, it's not that someone managed to break into some really spectacularly classified systems, but rather that instead someone managed to break into the most lightly-defended of all CIA operations, because it has the least to offer. Indeed, XKCD specifically compared it to the Web-based equivalent of “tearing down a poster the CIA put up.” Remember, ISIS didn't manage to hack CENTCOM here, but rather successfully guess CENTCOM's Twitter and YouTube passwords. In fact, it wouldn't be out of line to consider the possibility that the two may have been the same password, a practice often decried by security experts but often used by regular people too busy and / or lazy to remember more than one strong password so often prescribed by said experts. This is why so many often recommend the use of some breed of password management tool, and one preferably kept out of the computer's main drag, on something like a USB drive or the like as it allows passwords to be quickly updated and not easily forgotten. It's worth noting that CENTCOM's YouTube page has two videos of ISIL (which is another name for ISIS) warehouses being destroyed from a week ago, and the Twitter / YouTube hack may have been a kind of counter-reprisal.

While this is a kick in the pride for CENTCOM, it's really not much more than that. ISIS managed to pull off a very small, very trivial hack that made CENTCOM look like a bunch of barely computer-literate doofuses for a few hours. It does, however, serve as a bit of a warning for the rest of us, and potentially a nice wake-up call to maybe go and change our email passwords or similar if such hasn't been done recently. The importance of a strong password is hard to understate, and the online razzing that CENTCOM is likely to take over this will serve as a little reminder to the rest of us.




Edited by Maurice Nagle