A group of ISIS Affiliated Hackers has claimed to have hacked U.S. government servers stealing the personal data of hundreds of Government and Military personnel
In March 2015, hackers supporting the so-called Islamic State (IS, previously ISIS/ISIL) posted names, pictures and addresses of 100 US military personnel urging its “brothers residing in America” to slay them.
Now another pro-ISIS hacking group has claimed to have access to the personal data of 1,500 US military, government and security Personnel and once again the hackers have urged its supporters to go through the leaked data and carry out attacks on each and every one of them.
The leaked data first appeared on the Twitter handle of “Islamic State Hacking Division [sic].” The handle was suspended after the data went viral.
A message on the leaked file claims the hackers have been recording every move of the “Crusaders“
“O Crusaders, as you continue your aggression towards the Islamic State and your bombing campaign against the Muslims, know that we are in your emails and computer systems, watching and recording your every move, we have your names and addresses, we are in your emails and social media accounts, we are extracting confidential data and passing on your personal information to the soldiers of the Khalifah, who soon, with the permission of Allah, will strike at your necks in your own lands!”
After analysing the leaked files, we have found that the hackers used a compromised third party WordPress blog (cedarsbyrola.com) to store the data.
The records include details allegedly on NASA, US Navy, Army and Air Force staff, US Embassy staffers, US State Department employees, Department of Energy workers and US Postal Service employees.
The claim by the group that the data only contains information belonging to US officials is disingenuous; it is believed that the data also contains the information of citizens from around the world including Australia, Israel and the UK. One theory is that the hackers could have mined the data from the wider internet and simply merged it in an Excel file and then leaked it online.
An area of ambiguity which leads to the suspicion that this is perhaps a propaganda driven hoax rather than an actual security breach/hack is the use of a weak password in plain-text format – which, stored on a military server, is quite unthinkable and almost impossible to believe. NBC reports that it contacted a security firm which has stated that it was also unable to authenticate the hack or support the legitimacy/integrity of the data.
Australian Justice Minister Michael Keenan has confirmed to Sky News that eight Australians have had their personal details compromised by I.S.
”We are aware that there has been a hack that comprised around 1500 people, and eight of those are Australians,” he told Sky News.
The authenticity of the hack and the integrity of the subsequent data leak is yet to be proven. However, at the time of publishing this article, the compromised WordPress blog was restored and the data had been removed from the Internet.
On April 9, 2015, another pro-ISIS group going with the handle of Cyber Caliphate hacked French television network TV5Monde, taking over full control of network’s broadcast, Facebook page, and websites.
The same group also hacked BBC’s transmission the very same day. However, after investigations; French team claimed that it may be government-backed Russian hackers from APT28 or Pawn Storm group behind these attacks.
It was after these attacks, the Europol in June 2015 decided to hunt each and every pro-ISIS social media account operating from the European soil.