14 DAY TRIAL // The Syrian Electronic Army claims to have breached the systems of the United States Central Command (CENTCOM). The attack appears to be in response to the US’s intention to use cyber warfare against Syria.
“Operation targeting CENTCOM are now in motion due to Obama's decision to attack Syria with electronic warfare,” the hackers wrote on Twitter.
So far, the hackers have published a screenshot to show that they’ve gained access to Army Knowledge Online (AKO) servers. The AKO provides enterprise information services to the Army and Department of Defense customers. It provides services on both classified and unclassified networks.
The image published by the Syrian Electronic Army on Twitter shows that they’ve obtained information related to Department of Defense organizations, particularly Air Force operations.
Representatives of CENTCOM have told The Tampa Tribune that the hackers’ claims are “totally bogus.”
Bob Gourley, the former CTO of the Defense Intelligence Agency (DIA) and founder of Crucial Point LLC, has told The Tampa Tribune that the files shown in the screenshot published by the hacktivists appear to contain unclassified information.
Gourley says that if the SEA’s claims are true, they appear to have access to unclassified areas, not SIPRNet, the network used by the Department of Defense and the Department of State to transmit classified information. At this point, it would be more an embarrassment than a security concern.
However, the SEA argues that the screenshot it has published is only the beginning, claiming to have successfully penetrated “many central repositories.”
A lot more data will be published in the upcoming days, which, according to the pro-Assad hacktivists, will demonstrate that the breach is more serious than it appears at this point.
In the coming days we will update you with specific details and hundreds of documents that the #SEA has obtained.
— SyrianElectronicArmy (@Official_SEA16) March 14, 2014 Interestingly, when we try to visit the website of AKO (us.army.mil), we’re warned that the website’s SSL certificate is not valid. It’s uncertain if this is related to the hack attack.
The Syrian Electronic Army revealed its intention to target CENTCOM back in late February.
“SEA advises the terrorist Obama to think very hard before attempting ‘cyberattacks’ on Syria,” the hackers wrote at the time. “We know what Obama is planning and we will soon make him understand that we can respond.”
The announcement came shortly after a report revealed that the US was considering using cyber tools to attack Syria.
The Syrian Electronic Army doesn’t usually make false claims, so they probably have access to some of the US Central Commands’ servers. It remains to be seen just how deep they’ve gone.