US defense officials said the hacking of Central Command’s social media accounts was embarrassing, as military and White House officials sought to downplay the effect of the hacking.
Meanwhile, hundreds of French websites have been hacked by self-proclaimed “cyberjihadists” in recent days.
On Monday, a group declaring support for the Islamic State of Iraq and Syria (ISIS) Islamist group hacked US Central Command’s (Centcom) Twitter and YouTube accounts, forcing the military to suspend the command’s Twitter feed.
In a propaganda setback for the US military, a black-and-white banner with the words “CyberCaliphate” and “I love you ISIS” replaced Central Command’s usual logo on Twitter and YouTube before the pages were suspended.
The Twitter feed had several messages from hackers, including one telling American soldiers to “watch your back,” and the YouTube account had two videos that appeared to be linked to ISIS.
The hackers published a list of generals and addresses associated with them, titled “Army General Officer Public Roster (by rank) 2 January 2014,” from the Centcom Twitter account.
Subsequent posts read, “Pentagon Networks Hacked! China Scenarios” and “Pentagon Networks Hacked. Korean Scenarios.”
Central Command is based at the MacDill air force base in Florida and handles American military operations covering the Middle East and Central Asia. Central Command oversaw the wars in Iraq and Afghanistan and is managing the US airstrikes against ISIS.
Two US defense officials, speaking on condition of anonymity, told Reuters that the hacking was an embarrassment, but that the images posted by the hackers did not appear to include classified information or pose a security threat.
Pentagon spokesman Army Colonel Steve Warren said the Defense Department “views this as little more than a prank, or as vandalism.”
“It’s inconvenient, it’s an annoyance but in no way is any sensitive or classified information compromised,” Warren told a press briefing.
The White House said it was monitoring the extent of the hacking incident. White House spokesman Josh Earnest said during a press briefing that the hacking was “something that we take seriously.”
Earnest seemed to downplay the impact of the incident, saying, “There’s a pretty significant difference between what is a large data breach and the hacking of a Twitter account.”
President Barack Obama separately on Monday announced new proposals aimed at bolstering American cyber-security in the wake of recent high-profile hacking incidents including one against Sony Pictures Entertainment that US officials have blamed on North Korea.
Some experts believed the data published on the hacked command’s Twitter feed did not contain information that compromised national security and that much of the date could easily be found using Google searches, including the US Department of Defense’s “Estimated Impacts of
Sequestration-Level Funding,” which is available on a public government website.
Another budget document, “Program Acquisition Cost by Weapon System” is a March 2014 document available on the website of the defense department’s comptroller. Another is a draft version of the 2015 appropriations bill for the Defense Department.
Hacking in France
Meanwhile, hackers claiming to be Islamists have hijacked hundreds of French websites since the attacks on the satirical weekly Charlie Hebdo, flooding them with jihadist propaganda.
Homepages of several French websites have been replaced by phrases like “There is no God but God”, “Death to France” or Death to Charlie” written against a black background, often with the signature #OpFrance. The technique termed “defacement” consists of taking control of an internet site and modifying its content.
Since last week’s attacks in Paris that killed 17 people, various sites – mainly those of city halls, schools, universities, churches and businesses – have been hacked by groups claiming to be Islamists from North Africa or Mauritania.
Users were directed to a site broadcasting a fundamentalist speech when they logged onto the official website of the Lot department in southwest France. A Tunisian group calling themselves “Fallaga Team” claimed to behind this incident.
A website showing a message in Arabic and another in French which said “I confirm that there is only one God and that is Allah. I confirm that Mohammad is the messenger of God” replaced the home page of the Caen Memorial, a museum and war memorial in the northwestern town of Caen.
“We are facing groups of activists who are forming and dissolving very quickly,” said Gerome Billois, a cyber-security expert at Solucom.
“I can’t remember having seen such a big hacking campaign in such a short period of time,” he said, adding that “several hundreds of sites had been affected.”
“We can speak of cyber-jihad, and hacking is just the tip of the iceberg and also the least dangerous since the only consequence is the display of an ideology,” said Thierry Karsenti, European technical director at cybersecurity firm Checkpoint.
He added that it was technically fairly easy to take control of these sites given that they were either poorly protected or not updated regularly enough.
The same hacking techniques are being used by the opposing camp. After calls from the hacker group Anonymous to avenge Charlie Hebdo, activists claimed to have attacked jihadist propaganda sites.
“Wait for a huge reaction from us,” the group said after launching a Twitter account called @OpCharlieHebdo following the Paris attacks.
The message on the social network said that the group, part of Anonymous, was fighting to “defend the freedom of expression and opinion.”