A Twitter account associated with the Syrian Electronic Army on Monday claimed to have taken over the US Army’s official website.
One of the messages it claims to have left on the site:
— SyrianElectronicArmy (@Official_SEA16) June 8, 2015
A purported screenshot of the claimed takeover reads:
Your commanders admit they are
training the people they have sent
you to die fighting
…with a blue “OK” button below the text.
The US Army confirmed that it had temporarily taken the site down and that a group calling itself the Syrian Electronic Army had compromised the site and posted messages.
Brigadier General Malcolm Frost, chief of Army public affairs, said in a statement that Army data had been protected from the breach:
Today an element of the Army.mil service provider’s content was compromised. After this came to our attention, the Army took appropriate preventive measures to ensure there was no breach of Army data by taking down the website temporarily.
The SEA has a long history of hijacking and defacements.
Its extensive list of victims has included The Washington Post (multiple times), Reuters (multiple times), Forbes, Skype, Twitter, the New York Times, the Financial Times, CNN, Time, Viber, and even the Onion.
Some of these victims have fallen for phishing attacks. One such was content recommendation service Outbrain, used by popular websites such as CNN, Time and The Washington Post.
In fact, it was an email that appeared to come from the company’s CEO that duped some employees into handing over their login credentials.
We don’t know how the Army site got taken down, but it’s clear that sites should be using every security tool possible to fend off these and other vandals, be it two-factor authentication turned on for every possible service or staff training regarding spotting and fending off phishing attacks.