The official Twitter account for the United States Central Command - CENTCOM - appears to have been compromised by a hacker group sympathetic towards the Islamic State.
A series of tweets were sent from the @CENTCOM account on Monday, starting with the warning “AMERICAN SOLDIERS, WE ARE COMING, WATCH YOUR BACK. ISIS.“
That tweet and subsequent messages posted in the moments after contain references to a group known as CyberCaliphate. Links to documents that are purported to be confidential files pilfered from American military computers - including one cache of files containing slideshows that appear to include details about apparent threats in the Caspian, as well as in China, North Korea, Africa, and Indonesia.
The account has since been suspended, and White House Press Secretary Josh Earnest said shortly after news of the breach had surfaced that "this is something that we're obviously looking into."
In a statement, CENTCOM said its operational military networks “were not compromised and there was no operational impact,” promising to restore its Twitter and YouTube accounts as quickly as possible. The agency added that it considered the hack “purely as a case of cybervandalism,” stating that no classified information was posted.
Meanwhile, the FBI announced it is investigating the incident.
Originally, a statement posted on the website Pastebin shared by the compromised CENTCOM account announced:
“US and its satellites kill our brothers in Syria, Iraq and Afghanistan we broke into your networks and personal devices and know everything about you.
You'll see no mercy infidels. ISIS is already here, we are in your PCs, in each military base. With Allah's permission we are in CENTCOM now.
We won't stop! We know everything about you, your wives and children.
US soldiers! We're watching you!”
Soon after, the hacked Twitter account posted a photo that appears to show United States military personnel surrounded by computers with the caption: “ISIS is already here, we are in your PCs, in each military base." CENTCOM's YouTube page was also reportedly compromised.
Another tweet, linking to what appeared to be a roster of US military personnel, contained a phone number listed as belonging to Gen. Keith Alexander, the former chief of both CENTCOM and the National Security Agency. When dialed, RT reached the office of Admiral Mike Rogers - Alexander's replacement - and was referred to CENTCOM's public affairs office, where the call then went unanswered.
Last week, the social media accounts of two American television news networks were compromised by persons alleging to belong to CyberCaliphate - an apparent hacker collective either affiliated or sympathetic to the military group known as the Islamic State (formerly ISIS/ISIL). It was reported at the time that the US Federal Bureau of Investigation had opened a probe into the matter.
News of the CENTCOM breach occurred just moments after US Pres. Barack Obama concluded an address at the Federal Trade Commission headquarters in Washington, DC, where he proposed legislation intended to protect the personal information of Americans from hackers. The president said he'll be at the Department of Homeland Security on Tuesday this week "to focus on how we can work with the private sector to better defend ourselves from cyberattacks.”
An hour later at the White House, Earnest cautioned reporters that there is a "significantdifference between what is a large data breach and the hacking of a Twitter.
Commenting on the incident later in the day, Alayne Conway, a spokesperson for the Army's Public Affairs Office, told Motherboard that some of the documents published on Twitter had come from password protected sites.