The Syrian Electronic Army has taken responsibility for defacing the US Army's website.
On Monday, the official US Army website www.army.mil, used for news releases and special features, was taken down for several hours following defacement of the homepage.
SEA took responsibility for the hack, claiming the cyberattack was performed through targeting and intercepting content paths in the backend of the US Army website. The SEA discovered an exploit in the website's Control Panel which allowed the group to edit protected content delivery paths -- which in turn allowed them to deface the website's pages.
Pop-ups appeared criticizing the US Army and its activities in the Middle East. One, posted on Twitter, said: "Your commanders admit they are training the people they have sent you to die fighting."
The group called for the US military to "stop training terrorists in Turkey and Jordan," saying there "are sources confirmed to us [..] and there are voices in the US military which reject this training and considers it a big mistake."
The website was taken down for several hours, but at the time of writing is now fully functional. In a statement, the US Army's Brig. Gen. Malcolm B. Frost said:
"Today an element of the Army.mil service provider's content was compromised. After this came to our attention, the Army took appropriate preventive measures to ensure there was no breach of Army data by taking down the website temporarily."
This is far from the first time the Syrian Electronic Army has launched a political cyberattack against well-known targets. The Washington Post, Microsoft, eBay and PayPal have all been former victims of the hacktivist group, which used the hacks to rage against the United States government and allege that data was being sold to the US government by the Redmond giant.
Speaking to ZDNet, iboss Cybersecurity CEO Paul Martini commented:
"It's certainly embarrassing when cyber war takes down the US Army's website. But the larger issue is not this annoying vandalism. The Army needs to protect its sensitive data from hackers and ensure there are no repeats of the massive federal government breach that was reported just last week."
Read on: In the world of security