During a House Foreign Affairs Committee briefing on North Korean cyber and nuclear threats, one high-ranking Republican veered off course and suggested that Monday’s hack on a US military twitter account is “severely disturbing” and necessitates a discussion about how to define an act of war.
“What is going to be the response of the United States of America…when our military is under fire?” asked Rep. Michael McCaul (R-Texas) Tuesday morning.
The chair of the House Homeland Security Committee went on to claim that the US government doesn’t “know how to respond to these things.”
“Proportional response what does that mean, act of warfare what does that mean?” he asked.
For less than an hour on Monday afternoon, the Twitter and Youtube pages belonging to the US military’s central command were hacked and used to display warning to US troops and documents purporting to show sensitive information about US operations and military brass.
A group calling itself the “CyberCaliphate,” which claimed to be aligned with the Islamic State, took responsibility.
CENTCOM attempted to assuage fears about the nature of the attack in a statement issued Monday.
“We are viewing this purely as a case of cybervandalism,” it said. The statement also claimed that military networks were not compromised and that documents posted were “readily available.”
Rep. McCaul, however, was undeterred in hyping the severity of the incident. He claimed that in the past “these jihadist groups” have been attempting to get this “type of technology and malware,” but now they are “successful at hacking into our CENTCOMs, into our military.”
“ISIS!” the lawmaker from Texas shouted.
A high-ranking official within homeland security’s cybersecurity operations and a witness at the hearing, retired Brigadier General Gregory J. Touhill, attempted to downplay the concerns raised by Rep. McCaul.
“This was a commercial space, there was no compromise, no evidence of penetration into any government, specifically military systems,“ said Touhill.
He added later that what constitutes an act of war in the cyber realm has been “hotly and actively debated for many years.”
Monday’s hack on CENTCOM was not particularly unique or sophisticated. Similar hacks were conducted in previous weeks against online news outlets in New Mexico and Maryland.
Although the method of the attack is unknown, it could be pulled off through a simple “spear phishing” attack to acquire a social networking credentials from a user who’s fooled into giving them away.
