Hit List: ISIS 'hacking division' Releases Details of 1,400 Military & Government Personnel.

Uploaded on 2015-09-08 in NEWS-Cybersecurity News, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, TECHNOLOGY--Hackers

screen-shot-2015-01-12-at-10-22-07-am.png?w=680&h=465

A group calling itself the Islamic State hacking division has published the details of 1,400 mostly US military and government personnel, urging supporters to attack those listed.

The spread sheet, published recently online, exposes names, email addresses, phone numbers and passwords and those listed include members of the marine corps, Nasa, the state department, air force and FBI. Supporters of Isis on Twitter seized on the breach, posting personal details of soldiers and government staffers and encouraging lone wolves to “act and kill”.

A person claiming to speak for the group told the Guardian the information was obtained from military and government databases, a claim on which US army officials threw doubt.
 “This is the second or third time they’ve claimed that and the first two times I’ll tell you, whatever lists they got were not taken by any cyber attack,” the army chief of staff, Gen Ray Odierno, said.
“This is no different than the other two,” he said, referring to earlier so-called hacks by Isis supporters in January and May.
“But I take it seriously because it’s clear what they’re trying to do ... even though I believe they have not been successful with their plan,” he said.

A computer security expert, Troy Hunt, also cast doubt on the alleged hack, suggesting much of it could have been scraped from existing data breaches or publicly available information.
“It’s pretty clear that it’s been aggregated from different sources,” he said. “It’s been put together on the basis of a .gov or .mil address. Even the passwords, they’re not strong enough to have come from a corporate or government.
“They’re not even strong enough to have come from an online service - you can’t create a Gmail account, for example, with a password of less than eight characters, and here we’re seeing some passwords of three letters.”
The Pentagon said it was still looking into the incident.

“We don’t really have much information because most of the email addresses appear to be really old and passwords listed in the tweet don’t match up with our password strength requirements,” marine Lt Col Jeffrey Pool said. Also listed were at least eight Australians, including a member of the Victorian parliament and members of the Australian defence forces.
 
Australians on ISIS-aligned group's hit list include Justice minister Michael Keenan who says the government is aware of the list and spy agencies are looking into it.

Among the first to post the spreadsheet was the hacker Junaid Hussain, reportedly third on a CIA “kill list” of Isis members and supporters. The British national has been linked to the gunmen who attacked a prophet-Muhammad drawing contest in Texas in May.

Only the Isis leader Abu Bakr al-Baghdadi and its most prominent executioner, Mohammed Emwazi, are higher on the CIA list. 
Ein News:  http://bit.ly/1UCdL1d

« US & China Are Escalating Their Cyber War
Malaysian Police Work with Interpol & FBI to Foil Cyber Warfare Threat »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Tendo Solutions

Tendo Solutions

Tendo Solutions provides intelligence, security, forensics and risk solutions to clients across different sectors and jurisdictions.

Computer Forensic Services

Computer Forensic Services

Computer Forensic Services are digital evidence specialists. Practice areas include Information Security, e-Discovery, Law Enforcement Support and Litigation.

CSIRT-IE

CSIRT-IE

CSIRT-IE is the body within the NCSC that provides assistance to constituents in responding to cyber security incidents at a national level for Ireland.

Magix Security

Magix Security

Magix Security assesses the cyber threat, gives you visibility of how vulnerable your business is to attack, and provides cybercrime detection and prevention services.

National Authority for Electronic Certification and Cyber Security (AKCESK)

National Authority for Electronic Certification and Cyber Security (AKCESK)

AKCESK ensures security for trusted services, in particular reliability and security in electronic transactions between citizens, businesses and public authorities.

ConvergeOne

ConvergeOne

ConvergeOne is a leading global IT services provider of collaboration and technology solutions including cybersecurity.

CloudVector

CloudVector

CloudVector's API Detection & Response platform is the only API Threat Protection solution that goes beyond the gateway to provide Shadow API Prevention and Deep API Risk Monitoring and Remediation.

BotRx

BotRx

BotRx is the only AI-enabled, automated fraud protection technology that allows fast & easy deployment - continually keeping invisible bad bots and agents at bay, so you can rest easy.

Cloud & Cyber Security Expo

Cloud & Cyber Security Expo

Cloud & Cyber Security Expo is the UK’s largest cloud and cyber security event.

CounterFind

CounterFind

CounterFind is turnkey technology that allows brands to find and remove counterfeit and infringing merchandise from online marketplaces and social media sites.

Input Output (IOHK)

Input Output (IOHK)

IOHK is one of the world's pre-eminent blockchain infrastructure research and engineering companies.

Jisc

Jisc

Jisc is a membership organisation working in partnership with the UK’s research and education communities to develop the digital technologies they need to teach, discover and thrive.

Cloud Range

Cloud Range

Cloud Range provides cybersecurity teams with access to the world's leading cyber range platform, eliminating the need to invest in costly cyber range infrastructure.

BastionZero

BastionZero

BastionZero is leveraging cryptography to reimagine the tools used to manage remote access to servers, containers, clusters, applications and databases across cloud and on-prem environments.

CCX Technologies

CCX Technologies

CCX Technologies design and develop a wide range of cybersecurity and testing solutions for the aviation, and military and government markets.

Davinsi Labs

Davinsi Labs

Davinsi Labs helps companies achieve Digital Service Excellence with specialized Security Intelligence and Service Intelligence solutions.