On Monday, January 12th, the official Twitter account & YouTube channel for US Central Command or CENTCOM were hacked by ISIS supporters. Pro-ISIS propaganda appeared on @CENTCOM Twitter homepage warning “American Soldiers, we are coming, watch your back. ISIS.”
@CyberCaliphate account is currently suspended but claims to have hacked the US Central Command Twitter account. Besides the typical threats, there were links to documents that appeared to be confidential files stolen from American military computers. One of the Tweets was a list of US military personnel including a phone number listed as belonging to the former General of the former chief of both CENTCOM and the National Security Agency. The hackers also published a document from MIT referring to U.S. intelligence, surveillance, and reconnaissance regarding China.
All of the accounts involved have been suspended until an investigation concludes they can be safely re-activated. You might remember that just 1 week earlier, Cyber Caliphate hacked the Twitter accounts of Fox & CBS News claiming there would be more attacks in the future.
You Are Next
By all accounts, terrorist groups like ISIS as well as anarchist hacktivist groups like Anonymous are waging a successful war against the powers that be. This might not directly affect your average citizen or small business but the methods they use to wage war all come back to best security practices that we all need to follow. Anyone on the grid or internet is vulnerable to the same kinds of attacks from these or any groups.
Here are a set of tips to follow that apply to Twitter as well as any password protected account on the internet you would like to keep private.
1) Use Strong Passwords to prevent being the victim of hacks. Twitter encourages a Minimum of 10 characters but longer is better. I recommend 15 characters minimum using upper/lower/numbers/symbols. Do not use common dictionary words and do not reuse passwords across multiple web sites.
2) NEVER use personal information such as phone numbers or birthdays.
3) Use login verification (also called two step authentication) whenever available. This additional step can be annoying but is another layer of security protection.
BVS, Inc. CEO | Author | Speaker | Cyber Security & Wireless Expert at Scott Schober LLC
Scott Schober presents at cybersecurity conferences for banking, insurance, transportation, construction, telecommunications and law enforcement industries. He has overseen the development of dozens of wireless test, security, safety and cybersecurity products used to enforce a “no cell phone policy” in correctional, law enforcement, and secured government facilities. Scott regularly appears on network news programs including Fox, Bloomberg, Good Morning America, CNN, MSNBC, NPR and many more. He is the author of 'Senior Cyber', 'Cybersecurity is Everybody's Business' and 'Hacked Again', the “original hacker’s dictionary for small business owners” - Forbes Magazine.
Latest posts by Scott Schober (see all)
- This is why nobody is allowed a cell phone in classified debriefings - 11/18/2022
- Death of the VPN: A Security Eulogy - 08/24/2022
- Is TikTok the Devil You Know or Worse? - 06/29/2022
Leave a Reply
You must be logged in to post a comment.