Your Source for Leaks Around the World!

Syrian Electronic Army Operation Targets CENTCOM, Hacks Army Knowledge Online (AKO) Portal

In Archive, CENTCOM, Hacking, SEA, Syria on March 14, 2014 at 4:13 PM

03/14/2014

Andrew Blake/RT:

The Syrian Electronic Army hacktivist group said from their Twitter account on Friday that they were engaged in an operation targeting CENTCOM due to US President Barack Obama’s “decision to attack Syria with electronic warfare.” Soon after the group claimed to have “already successfully penetrated many central repositories,” and tweeted a screenshot of what is purported to show that hackers have indeed somehow wound up inside of a military computer system of some sorts. The image suggests that someone from the SEA may have in fact gained access to a military directory called “AKO Home” that contains a number of folders with names relating to the US Air Force specifics command units under that branch.

“AKO,” or “Army Knowledge Online,” is the name of a web-based enterprise information system used by the Pentagon to let military personnel access files from any internet-connected computer, and was called “the world’s largest intranet” in a 2001 WIRED article.

“It’s a total aggregation of all the information the Army has, all the documents, manuals and files,” Ryan Samuel, the director of public relations at a company that helped develop the AKO, told Wired’s Louise Knapp for that article.

At the time, Louise said the AKO had room for around 70 terabytes of storage for those files, though that number has almost certainly grown exponentially over the last 13 years.

The AKO website was slow to respond following the hackers’ claim, which could be the result of a surge in visitors prompted by the SEA’s tweets, an attempted denial-of-service attack to momentarily cripple the military’s servers or, also likely, a total coincidence.

Requests for comment made by RT to the Army’s press office were not immediately returned Friday afternoon.

The US has not publically admitted to waging any cyberattacks against the Syrian government, although the White House has been linked to waging a digital attack on Iran’s nuclear enrichment program, and leaked National Security Agency documents have shown that the US intelligence community has an arsenal of offensive/cyberweapons at its disposal.

TBO:

U.S. Central Command is denying a claim made today by a pro Assad hacking group that it penetrated the command’s computer system.

“Totally bogus,” said Oscar Seara, a Centcom spokesman, of claims tweeted by the Syrian Electronic Army shortly after noon that it was in the process of accessing Centcom’s computer system.

Pentagon officials did not immediately respond to a request for comment.

The information posted by SEA includes what appears to be unclassified information about U.S. military organizations, according to Bob Gourley, the first director of intelligence at the Pentagon’s cyber defense organization and former chief technology officer for the Defense Intelligence Agency, who reviewed the screenshot after a call from The Tribune.

The screenshot appears to contain information from the Army Knowledge Online website, said Gourley. AKO “provides corporate intranet services and single web portal to the United States Army,” according to its website. Files on the screenshot are from accounts about military organizations not specifically related to Centcom, including U.S Pacific Command, and various Navy, Army and Air Force operations.

Gourley said that, even if the claims were true, any access that SEA would have would be to unclassified areas and not the secure computer system called SIPRNET. Any entry would cause embarrassment, not a security concern, said Gourley, founder of Crucial Point LLC, a technology research, consulting and services firm.

“Maybe slightly above normal,” Gourley said of the level of concern Centcom officials should have regarding SEA.

If there was a breach, “I would call in everyone responsible for every public-facing web server and ask if they have implemented the most recent patches. I would ask the administrators to change passwords. It is a low-level response to a low-level threat.”

Gourley said that while Centcom’s denial is “probably right…Statistically if they have thousands of websites on servers around the globe there is a good chance that SEA has found a vulnerability in one of them. Certainly it is bogus in terms of SEA having any mission impact.”

SEA, in a tweet response to TBO.com, said:

  1. http://bas16lt1g.blogspot.com Finding bas16lt1g? We are independent distributors for hard to find and obsolete electronic components, more than 500 thousand items on our web database, buy electronic components from our web is the best choose.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: