Hackers claiming links to the Islamic State have hijacked several social media accounts belonging to U.S. military's Central Command. The hacking group, which calls itself "CyberCaliphate," is tweeting out what the group claims are U.S. military PowerPoints and data on retired Army personnel — seemingly sensitive files that have no business being publicly aired. The images are meant to show that the hackers have penetrated the Pentagon's network. But the chances of this actually having happened appear rather slim. Here's why.
Much of the information being shared by Centcom's hijacked Twitter feed is publicly available from other sources and appears to be nonclassified information. This is important because the hackers clearly want to make it seem as though they've successfully pulled off a major data breach.
But military experts, journalists and analysts are pointing out that there's less to the hack than may initially seem. Just because Centcom's Twitter account has been hacked doesn't automatically mean that Centcom itself has been hacked.
For reference of how damaging the release of Army retired GO roster is, you can easily find a version at least as recent as 2012 on google.
— Dan Trombly (@stcolumbia) January 12, 2015
Although leaking information on retired military personnel may be a gross invasion of privacy and still a serious matter for law enforcement, a lot of the information that "@CENTCOM" tweeted Monday is already available online. For instance, the hackers appear to have taken screen grabs of allegedly "secret" military plans from third-party Web sites, such as that of the widely respected Federation of American Scientists.
— Steve Koczela (@skoczela) January 12, 2015
The same image above appears to have been shared elsewhere on the Internet. Others are noticing that slides purporting to show the disposition of China's military lack the distinguishing marks of true classified information.
Nothing on the supposedly hacked DoD documents bears the usual markings of classified docs. No "NOFORN," for example.
— Olivier Knox (@OKnox) January 12, 2015
— Tim Mak (@timkmak) January 12, 2015
So far hacked @CENTCOM has only shared public documents or ones marked "for official use only." Quite a few steps away from classified...
— Blake Sobczak (@BlakeSobczak) January 12, 2015
This appears to be at least the second time within a week that the "CyberCaliphate" group has struck. Last Tuesday, the social media accounts of two local media outlets were compromised — the Albuquerque Journal and Salisbury, Md.,-based CBS affiliate WBOC. The profile images of those media outlets and of Centcom were replaced by a black-and-white image of a man with his face covered and text including the phrase "i love you isis." But in a sign of CyberCaliphate's likely limited capabilities, the group ran into trouble when it tried to hack another, New Mexico-based newspaper — and got stumped by the site's paywall.
So while all the initial signs of the hack appear to point to a massive data breach, it doesn't appear that the hackers responsible did any lasting damage to the nation's national security apparatus.