Monday, January 12, 2015

#PWNED - United States Central Command Twitter Account Hacked

A group claiming to be part of ISIS hacked the US Central Command Twitter profile today in an act of "cyber terrorism". While the attackers were in control of this account they made threats and posted documents with "sensitive military information".

There are a few very important things to note:
There are, however, a few serious concerns, and they aren't items I see making the rounds in news posts.
  • I would hope that US Central Command would realize their Twitter account was at least as hackable as these celebrities.
  • I've heard no confirmation of two-factor authentication being used, which is available for free to anyone with a phone and a Twitter account.
  • Why do these accounts exist in the first place? Is there a public outcry for tweets from Central Command about their goings-on? #InternationalMilitaryCollaboration #WhereMyAlliesAt
  • How did they do it? We may never really know. Password resets are tied to email accounts with wildly varying reset processes and security questions. A breach of the email account used for password reset is as good as a breach of the targeted system. Let this story of account access spiraling out of control serve as a cautionary tale. 
I often wonder if accounts like this are not a form of honeypot. A nice sticky gooey Twitter account just begging to be defaced by script kiddies the world over. It's off the DoD network and can be used to gather information about groups that would attack DoD systems were this low-hanging fruit not there. A curious thought for sure.

What I would bet on is this:

  1. Somewhere the person in charge of this account is at a table having a terrible, horrible, no good, very bad day.
  2. The person on the other side of the table is ordering someone in DoD telecom to issue a BlackBerry that stays locked in a safe at CentCom. This BlackBerry will be used just for two-factor Twitter authentication.
  3. A team of very serious people is combing through a mountain of log files to determine the source of the unauthorized account access.
In the end... this is a prank. There is egg and that egg is located on someone's face. There is no real danger beyond the shame of a major military organization having their Twitter "pwned".

What can you do to secure your Twitter feed?
Remember, reputation is just as important as information. Protect your accounts even if the information stored on them is low value. Someone could use that access against you and harm your reputation. Just ask @centcom.
