The British Army confirmed yesterday that its Twitter and YouTube accounts had been breached by hackers.
The Army’s YouTube channel was changed to feature videos on cyptocurrency and images of billionaire businessman Elon Musk under the account name ArkInvest, while its official Twitter account was used to re-tweet several posts relating to NFTs and had its name changed a number of times.
The Twitter account’s profile image also got changed multiple times during the attack, at one point showing a monkey wearing a hoodie.
The Army took nearly five hours to regain control of its Twitter account.
There has been no comment on who might have been behind the attacks though the Ministry of Defence has confirmed that an investigation into the breaches is underway.
James Griffiths, co-founder and technical director of Cyber Security Associates (CSA) believes the breach may have been carried out via a plug-in or management tool:
The confirmed cyber security breach upon the British Army’s YouTube and Twitter accounts yesterday could have been achieved via a third party within the supply chain using a plugin or a social media management tool. If this plugin or tool was not protected then it could have given the cyber attacker the ability to directly post onto the social media accounts without having to login to both Twitter or YouTube.
Social media and the reach that accounts have to publish information and recommendations has exploded over the past few years. The British Army social media management team may have been a target however, it’s likely that they would have had Multi-Factor Authentication (MFA) in place to prevent an attack like this from happening. Clearly both Twitter and YouTube have MFA capability to protect accounts so it will be interesting to know for sure how the attackers managed to compromise these high-profile accounts.
While the nature of these accounts means the attack is unlikely to have been a threat to national security, hacking has featured in the Ukraine conflict with Anonymous claiming to have released the details of 120,000 Russian soldiers in early April.