Earlier this week, the Syrian Electronic Army (SEA) hacked into the public website of the U.S. Army and defaced it with a political message, Your commanders admit they are training hte people they have sent you to die fighting.” I have been reporting to you for two years about the hacking group known as the Syrian Electronic Army (SEA) who are vocal supporters of embattled Syrian President Bashar Assad. In the past they have managed to take over control of the websites of the New York Times, the Washington Post and CNN as well as the Twitter account of the Associated Press where they announced that the White House had been attacked, prompting a substantial, but short lived drop in the stock market. It does not appear that any critical data was compromised in this latest hack of the U.S. Army’s website, however, it does again show that government and business websites and social media accounts continue to be vulnerable to hacking.
The same advice that I give you as individuals, I would give to the U.S. Army and that is to use complex passwords and protect their security. In addition, most data breaches and breaches of security at websites are as a result of social engineering through phishing emails that lure employees to click on links or download attachments with keystroke logging malware that will enable the hackers to access the information in the target’s computers and thereby gain control of their data and their websites. The key to avoiding becoming a victim of phishing, which is a lesson we should all learn, is to never click on links or download attachments until you have verified that they are legitimate. Trust me, you can’t trust anyone.