On Monday, exactly when President Obama was giving a major cyber security speech at the Federal Trade Commission, the Twitter and YouTube accounts of the U.S. Central Command were hacked. For about an hour, they were under the control of a group calling itself the Cyber Caliphate, supporters of ISIS.
Almost immediately the social media world lit up, as did the television and radio punditry. This was not a military or intelligence disaster of the nature of the recent National Security Agency / Edward Snowden leaks, but it did do a great deal of propaganda damage to the American image in the Middle East. It also raises troubling questions about CentCom perhaps being a bit cavalier with its own protection as it embraces social media.
Seemingly within minutes of the hack, everyone was opining on what they saw as key questions. What does this mean? How much damage was done? How could the Defense Department's Middle East-oriented warfighting command be so easily penetrated? Are the cyber operatives of ISIS that good? What does this augur for other cyberattacks on the U.S. military and government networks? Can the Cyber Caliphate take down the U.S. grid?
First, there needs to be a little reality check. Twitter and YouTube are commercial social media networks; they are neither owned, controlled nor defended by their customers.
Therefore, U.S. CentCom’s accounts are no more protected or secure than similar accounts that millions of individuals, companies, clubs, civic groups and yes, government entities, maintain. They are vulnerable. The hacker skills needed to get into this sort of public account and deface it are very rudimentary. The hackers never got into, or anywhere near, CentCom’s operational networks of any sort. This is critical; the hackers did not get “inside” CentCom ever. The problem is that while this is technically true, it is also irrelevant. The propaganda victory goes to ISIS.
The world, particularly the Middle Eastern world, is trumpeting the penetration of CentCom by the Cyber Caliphate, so the propaganda damage is done.
Building on the embarrassment, Dr. Jim Carafano of Heritage stated that “as a U.S. Government entity, CentCom has a responsibility to monitor its publicly facing social media accounts 24/7. As soon as this sort of event occurred, the sites should have been brought down. If you must have open social media accounts, you must monitor them.”
Additionally, cyber experts Paul Rosenzweig and John Sheldon said respectively, “We (the experts) understand that it isn’t [technologically] important — but to the outside world this looks like a victory for ISIS” and “it’s the perception that matters in this case, the propaganda value is in the deed itself.” From a technical standpoint, there is some “expense”, because the entire site will need to be scrubbed to ensure that no malware-infected links are left behind for users to click on once the site is fully restored.
The Republic is not at risk here. The Cyber Caliphate is not a team of giants on the cyber horizon. They may turn out to be a couple of 17-year-olds in a Beirut garage or coffee shop. CentCom is not about to collapse either.
But this is still a serious issue that needs to be evaluated carefully. Before Christmas, the FBI advised individual members of the military and their families to scrub their social media for personal information that terrorists could use to find and hurt them. It appears that the military’s major combatant commands need to do a similar scrub to remove any information that can be used by the enemies of America.
Social media is here to stay. Twitter and YouTube announcements have replaced press releases as a way to communicate with the public and with organizational members. Those same organizations have to realize that these sites are vulnerable and open to attack. What you can defend, you must. What you cannot defend yourself, you need to monitor and be ready to cut off before an adversary can use it against you.