As the U.S. military’s Central Command (CENTCOM) deals with hacks to its Twitter and YouTube accounts, a San Diego computer security expert said he expects to see more cyber-attacks just like it.
CENTCOM confirmed its sites were “comprised” for about 30 minutes Monday when pro-ISIS messages were posted by unknown hackers, NBC News reports. Two ISIS videos appeared on the CENTCOM YouTube page, and the agency’s Twitter banner and profile images were replaced with messages that read "CyberCaliphate" and “I love you isis.”
“We’re going to see more of these attacks partly because when the bad guys see something like this, it emboldens them,” said Stephen Cobb, Senior Security Researcher at ESET. “There will be copycat attacks and so on, and we still don’t have the protection in place that we should have had some years ago.”
Cobb said the hack is embarrassing for both the government and military, and he also wonders about the amount of security being used on government social media accounts.
“That’s where organizations, both public and private, fall down. They don’t realize how much ability there is out there to attack and whether or not it’s appropriate to be using some of the technology we’re using if it is not fully secure,” said Cobb.
The hackers posted spreadsheets to Twitter that contained contact information and addresses of retired U.S. Army generals. Defense officials said none of the information was classified and some of it was taken from presentations on other Internet sites, according to NBC News.
Cobb told NBC 7 there will continue to be a cyber “arms race” between the good guys and the bad guys, and he expects the problem to get worse before it gets better.
“Long term, the solution is to tighten up security that we put in place, but to also address the issues that result in the criminal attacks,” said Cobb. “And so that’s something that has to happen on a national and international level where this kind of activity is deterred very seriously by governments rather than the people using the technology.”
CENTCOM said the social media sites operated on commercial, non-Defense Department servers. They have been taken offline while officials investigate the incident.
