Special Operations Command Central now says a curious tweet on its official account was not a hack, as it initially reported on social media.
U.S. Special Operations Command Central “acknowledges a misleading post to our official Twitter account on April 24, 2021,” Army Maj. Tony Hoefler, a SOCCENT spokesman, told Military Times. “The post contained three words, “Afghanistan” “Islamic State,” in quotation marks. After review, it was determined our Twitter account was not hacked and a social media administrator inadvertently tweeted the words while conducting a search for current topical events.”
Hoefler said SOCCENT officials are now “reviewing our internal processes to refine our social media practices. No security breach took place and we apologize for any confusion this may have caused.”
Saturday morning, however, SOCCENT took to Twitter to say its site had been hacked.
“In the past 12 hours someone hacked our unit’s official account and tweeted a misleading message,” the command, headquartered at MacDill Air Force Base in Tampa, Florida, stated in a tweet Saturday morning. “We apologize for any confusion or insensitive content.”
The SOCCENT Twitter flub was the latest in a series of military social media foibles.
In March, a tweet issued on the official page of the U.S. military command in charge of the nation’s nuclear arsenal had many on social media confused and concerned.
What did a tweet that read “;l;;gmlxzssaw,” mean? Had the account of the U.S. Strategic Command, headquartered at Offutt Air Force Base south of Omaha, been hacked?
Within 10 minutes of launch, the tweet drew at least 12,400 “likes,” 9,000 retweets and lots of snark and speculation, the Omaha World-Herald reported. A half-hour later, a follow-up tweet apologized for the confusion and advised followers to disregard the previous nonsensical tweet. Then the mystery tweet disappeared.
“Should we be ducking and covering now?” one person responded.
STRATCOM officials provided the answer a day later: The tweet came from a rogue toddler.
In a statement issued March 29, STRATCOM said the person who manages the command’s Twitter account was working from home when he briefly stepped away from his computer while the account was open. That’s when his child sat down to play on the keyboard and managed to hit “send.”
“Absolutely nothing nefarious occurred; i.e., no hacking of our Twitter account,” STRATCOM spokeswoman Karen Singer said in the statement.
Last October, an authorized user who had access to the Fort Bragg garrison Twitter account came forward as the person who sent sexually charged tweets, according to a statement from the North Carolina military post.
The statement reversed Fort Bragg’s earlier stance, when post officials said the garrison had “ruled out any malicious intent” by its public affairs officials and characterized the incident as a “hack,” possibly by someone who had guessed their password.
“This morning, at the initiation of an investigation into yesterday’s incident regarding inappropriate tweets on the Fort Bragg Twitter account, an administrator for the account identified himself as the source of the tweets,” said XVIII Airborne Corps spokesman Col. Joe Buccino. “Appropriate action is underway. The Fort Bragg account will be restored in the coming days.”
But sometimes, an apparent hack turns out to be just that.
In January 2015, Twitter and YouTube accounts belonging to U.S. Central Command, headquartered at MacDill Air Force Base, were temporarily taken over by a group calling itself the CyberCaliphate.
The group claimed to be aligned with the Sunni insurgent group Islamic State, but actually was connected to Russian hackers, British authorities told the Washington Examiner.
The CENTCOM hacks appeared to be unsophisticated and no classified information or networks were accessed, authorities said.
But the hackers did manage to post unclassified information, CENTCOM said at the time, such as the names and addresses of retired U.S. military officers, PowerPoint slides about military operations in Asia, and threats against U.S. military personnel.
The command, which oversees U.S. military operations in the Middle East and Southwest Asia, treated the incident as cybervandalism.
Howard Altman is an award-winning editor and reporter who was previously the military reporter for the Tampa Bay Times and before that the Tampa Tribune, where he covered USCENTCOM, USSOCOM and SOF writ large among many other topics.