On Monday afternoon, the official public website of the U.S. Army was taken down by hackers allegedly affiliated with the Syrian Electronic Army (SEA).
The group claimed responsibility for the hack on Twitter, posting several screenshots of the defaced www.army.mil website:
The #SEA hacks the official website of the US Army and leave several messages on it | http://t.co/Q93FQFg3cG pic.twitter.com/e8ZXp58oAY
— SyrianElectronicArmy (@Official_SEA16) June 8, 2015
According to a report published by Ars Technica, the website also served a message to visitors, which read: “Your commanders admit they are training the people they have sent you to die young.”
Ken Westin, Tripwire Senior Security Analyst, explained the hackers appeared to have gained access to the site by compromising the CDN that is used to distribute content from the website globally.
“The credentials for the control panel could have been compromised via a phishing attack or brute force,” said Westin.
“From the information provided at this point, it does not appear that this is part of a larger breach of an actual server or military network.”
Westin added that the damage inflicted appears to be limited to propaganda. However, Westin warned that if the email account that is tied to the administration of the Limelight CDN control panel is compromised, it could mean that other social media accounts may have been compromised, as well.
Defense officials have confirmed the hack, and assured the website does not contain classified information or private personal data of any Amy personnel, military or civilian.
Army Brig. Gen. Malcolm Frost, chief of public affairs, said in a statement:
“After this came to our attention, the Army took appropriate preventive measures to ensure there was no breach of Army data by taking down the website temporarily.”
At the time of this writing, no other mentions have been made regarding any further intrusions on the official Syrian Electronic Army Twitter account.