Soldiers deployed on Exercise Army Cyber Spartan take part in creating traffic for the network in order to enable the Blue and Red team to complete their tasks on the exercise. Exercise Army Cyber Spartan 5 (ACS5) is an offensive and defensive cyber exercise on a live network with the aim to attract the widest talent. Ex. ACS5 welcomes participation from across the Field Army, with units invited to form Blue teams consisting of 10 people each with up to 30 Blue Teams in total. The Blue Teams are the exercising troops and are defending and administering representatives systems and services in a military context, whilst ensuring continued access to user. The Red Team on the other hand are the opposing force (OPFOR) and their role is to attempt a series of exploits to gain access to information or disrupt normal service operation. These are the actions that the Blue Team are defending against.

British Army Investigating Breach Of Twitter And YouTube Accounts

The British Army has started an investigation into a breach of its YouTube and Twitter accounts, after regaining control of them late on Sunday from unknown individuals who gained access to the accounts, and used them to promote fraudulent cryptocurrency-related products and schemes.

In a statement posted on Twitter after regaining access to the accounts, the Ministry of Defence’s press office said:

“The breach of the Army’s Twitter and YouTube accounts that occurred earlier today has been resolved and an investigation is underway.

The Army takes information security extremely seriously and until their investigation is complete it would be inappropriate to comment further.”

The British Army’s Twitter account was first changed to resemble that of the Possessed non-fungible token (NFT) project (archived screenshot here via Web3 is going just great), announcing a “new NFT collection” and linking to a fake website “minting” (generating and selling access to, if the site were legitimate) the tokens. It was then changed to a different ape-themed project, claiming to be ‘attacking Pakistan’ before control was restored.

The Army YouTube account was changed to resemble that of investment management firm ARK Invest, uploading a series of fake videos composed of footage from a July 2021 panel discussion between ARK Invest founder Cathie Wood, Tesla CEO Elon Musk and Twitter founder (archived screenshot here). The videos featured links to websites hosting fake cryptocurrency giveaways, claiming to pay back double the amount of cryptocurrency paid by victims. The scam in question has been used several times, with McAfee Labs reporting in May that a previous incarnation of the scam using other YouTube accounts was able to steal over $1.3 million in cryptocurrency.

The British Army’s hacked YouTube channel as its appeared on 3 July

Scams targeting cryptocurrency holders have become increasingly frequent, with the inability to reverse cryptocurrency transactions leaving victims with little recourse. The United States’ Federal Trade Commission stated in June that the amount of cryptocurrency lost in scams in 2021 was 60 times that lost in 2018, with 16,000 people reporting to have lost $1 billion in cryptocurrency to scams between January 2021 and March 2022.

NFTs and platforms selling them have similarly become targets of scams and security breaches, resulting in the loss of tokens purchased. The digital artwork that usually accompanies the NFTs have also long been criticized by skeptics of using generic, plagiarized or outright stolen art with little merit beyond being tied to the tokens, with self described “first NFT marketplace” OpenSea admitting in January that 80 percent of items created using its free “minting” tool were “plagiarized works, fake collections, and spam”.