Pro-ISIS Hackers Post Alleged “Kill” List With 43 Names Including @StateDept Names

Updated: 2:58 am ET
[twitter-follow screen_name=’Diplopundit’ ]

 

In August last year, we blogged about the Purported ISIS ‘Hit List’ With 1,482 Targets including State Department names. Now, according to  Vocativ, hackers with a pro-ISIS group calling themselves the United Cyber Caliphate have distributed a “kill” list on Monday that appears to include dozens of U.S. government personnel.

The list features 43 names of people linked to the State Department, the Department of Homeland Security and the departments of defense, energy, commerce and health and services. It also identifies the U.S. embassies in Santiago and Kathmandu—as well as the Department of the Navy in Gulfport, Mississippi—as targets.

The purported “hit list” last year reportedly included personnel data of more than 1,482 members of the U.S. military, NASA, the FBI, the Port Authority of New York and New Jersey, and the State Department.  Technology security expert, Troy Hunt,  wrote at that time that “nothing makes headlines like a combination of ISIS / hackers / terrorism!” and had taken a closer look with an analysis here.  How many of these names are from “pastes” that have been reproduced or recycled or new? Whatever the answer, this is a trend that will probably continue into the foreseeable future. Reports like this should be a periodic reminder to review your/your family members privacy settings and digital footprint regularly.

 

#

Advertisements

State Dept Responds to Purported ISIS ‘Hit List’ — This Gives Me A Sad

Posted: 3:18 pm EDT
[twitter-follow screen_name=’Diplopundit’ ]

On August 16, we blogged this: Purported ISIS ‘Hit List’ With 1,482 Targets Includes State Department Names.  We asked the State Department about this over the weekend. We wanted to know if the agency has been able to confirmed the affected State personnel. The State Department, on background, told us this:

We acknowledge the reports. While we will not comment on or confirm the specifics of this particular assertion, we know that malicious actors often target email accounts of government and business leaders across the United States.

We’ve also inquired about its response, or guidance to personnel , if any, and the State Department, still on background, would only say this:

We believe it is important for not only government and private sector companies but also individuals to improve their cybersecurity practices. That is why this Administration is working hard to raise our cyber defenses across the board.

Yikes! ¯\_(ツ)_/¯  

Well, we hope they’re talking to employees behind the firewall with more substance than this two-sentence practically useless response.

*

We have not been able to find anything State Department related-response/guidance on this on the public net, but DOD has some useful reminders posted on the wide-web, no logons required. The first set of slides below is actually a social networking cybersecurity awareness briefing by Diplomatic Security. The slide set appears dated a few years back (uses 2009 examples) and is not available, as far as we can tell, from state.gov. We found this set posted on the slideshare site maintained by the Defense Department. The other two set of slides are on opsec for families and one on geotagging safety for those who posts photos online. both from the DOD site.

Social Networking Cybersecurity Awareness


.

Social Media Cyber Security Awareness Briefing | OPSEC For Families

.

Social Media Roundup/Geotagging Safety

#