At least two of the U.S. military’s websites were hacked, with pro-Kurdish messages and attacks on President Donald Trump being posted before they were taken down.
According to CyberScoop, the military was unaware of the hack until independent cybersecurity researcher Ronald Lovelace discovered the expletives about Trump and United States Ambassador to Türkiye Tom Barrack on two outward facing military sites.
It included the tags “FREE KURDISTAN,” and “the US president is a pedophile & thief. f–-k trump & tom barrack.” But the hack itself speaks to a larger issue at hand.
“It raises the severity a decent amount because it shows it’s a bit deeper than just one single path” that’s being corrupted, Lovelace told CyberScoop.
Soon after media outlets caught wind of the hacking, the Army took the two compromised sites offline. But the military, in conversation with CyberScoop, said that it wasn’t as big of a concern because the hacking took place on a legacy third-party platform that is not connected to the Army’s enterprise network.
“We are aware of unauthorized defacements on the error pages of oil.army.mil and ai2c.army.mil, which are hosted on a legacy, non-authoritative platform,” Army spokesperson Maj. Sean Minton in a statement. “Technical teams took immediate action to mitigate the issue, and the affected pages have been secured. The Army takes all cyber incidents seriously and is actively investigating this matter to enforce our strict cyber defense and network security standards.”
However, experts disagree on the level of concern. Feross Aboukhadijeh, founder and CEO of Socket, a software supply-chain security company, told Inc. that it’s less about the vandalism of the site and more that “It’s a symptom. A public-facing site was left running unmaintained third-party code long enough for someone to walk in.”
Questions of how secure the U.S. military is have popped up before in this administration. There is the incident when members of Trump’s Cabinet, including Secretary of Defense Pete Hegseth and Vice President JD Vance, included the editor-in-chief of the Atlantic in its war plans group chat.
The group chat leaked times of planned strikes and messaging around the attack on the Houthis. However, the White House chummed it up to be a silly mistake rather than a security concern.
Signal is not, and never was, considered a secure channel for communicating classified war plans.
Related | Media downplays Trump team’s massive leak fiasco as mere ‘blunder’
Additionally, the Daily Beast reported in March that Hegseth handed a multimillion-dollar contract to protect against hacks just like these to M.C. Dean, which could not even protect its own employees from a data breach.
But as the military, and its former Fox News hosting leaders, continue to downplay certain breaches, they do seem awfully focused on coming after the real enemies: “leakers” who speak to the press about their mistakes.
We’ll get straight to the point: The financial hardships that Daily Kos is facing this year are tough.
We continue to be paywall-free. We continue to be supported by our readers, not billionaires or corporations. But we need to bring in more revenue. We are leaning on our community more than ever to help make ends meet.
Click Here For The Original Source.
