We ask the experts for their thoughts on this high profile "hacking" that appears to have been dealt with promptly but is this really a "hack"?
Chris Pogue, Head of Strategic Alliances, Nuix and a member of the US Secret Service Electronic Crimes Task Force says British Army was not hacked.
Chris Pogue said: "Recent media articles published indicate that the British Army's YouTube and Twitter accounts were hacked. As a 20-year veteran of the Cybersecurity industry, a 13 year's veteran of the United States Army and a University Professor, I believe there are two important takeaways from this story, 1) words have meaning and 2) word utilisation can completely change the meaning of what is being said.
"There was no hack, no exploitation of a known vulnerability, no utilisation of a zero-day, and no broadly pervasive system-wide compromise. This was unauthorized access that was likely the result of a weak or shared password and the lack of multifactor authentication (MFA). So while the term "hack" sounds infinitely more ominous, it is misrepresentative of the facts. The takeaway for whomever within the British Army is responsible for their social media accounts (again - terminology is important - it's probably a couple of lower enlisted soldiers, not the entirety of Her Majesty's Military forces) to use unique, strong passwords and MFA whenever possible.
"So while embarrassing, based on the information provided in the media, I think the level of danger posed to the British Army is minimal to non-existent."
