The 82nd Airborne Division is briefing family members of deployed paratroopers to double-check their social media settings and report any strange messages they may receive after some malevolent ones were reported to the command.
The division’s 1st Brigade Combat Team deployed to Kuwait in early January as part of an emergency response to the region over heightened tensions with Iran.
“Families have reported instances where they have received unsolicited contact with some menacing messaging,” said Lt. Col. Mike Burns, a division spokesman.
“We have done several things to inform our paratroopers and families of these risks and ways that they can protect themselves,” Burns added. “I also personally spoke to the brigade [Familiy Readiness Group] leaders today."
The 82nd has told family members to be vigilant and practice smart behavior online. Family members should check their social media settings and reference the U.S. Army’s social media handbook, Burns said. In addition to distributing social media pamphlets, the division has held information forums for families. Burns could not comment on the reports that WiFi access was suspended for brigade paratroopers in Kuwait.
Separately, two U.S. sources with direct knowledge of the situation told Military Times the WiFi access was suspended over fears of a potential hacking and leak of sensitive contact information. One defense source said the MWR network was compromised, that contacts were pulled from service member’s devices and family members have been getting threats and disturbing messages from hackers.
The defense official, who spoke on condition of anonymity because he was not authorized to speak on the record, said family members stateside have been getting threats and disturbing messages.
One of the messages obtained by Military Times appears to be a typical psychological operations-styled warning. It references Iran, but there is no indication it is actually a state-sponsored message.
“If you like your life and you want to see your family again, pack up your stuff right now and leave the Middle East. Go back to your country. You and your terrorist clown president brought nothing but terrorism,” the message reads. “You fools underestimate the power of Iran. The recent attack on your [expletive] bases was just a little taste of our power. By killing our general, you dug your own grave. Before having more dead bodies, just leave the region for good and never look back.”
The message was sent over Instagram by an account that used deceased Iranian Quds Force commander Qassem Soleimani’s portrait as a profile picture. Soleimani was killed by a U.S. airstrike on Jan. 3 in Baghdad, Iraq.
The move was made to ensure operational security was maintained during the emergency deployment, which saw 3,500 paratroopers from 1st Brigade Combat Team fly out of Fort Bragg, North Carolina, to Ali Al Salem Air Base, Kuwait.
Other messages included fake scenarios about kidnappings intended to scare family members. A separate official noted that some messages appear to look more like phishing attempts.
The extent of the possible compromise is unknown. One defense official said it’s unknown at this time when and where the potential hacking may have taken place.
But the Department of Homeland Security has warned that “Iran maintains a robust cyber program" and “is capable, at a minimum, of carrying out attacks with temporary disruptive effects."
U.S. Central Command and Operation Inherent Resolve have yet to respond to requests for comment.
Roughly a brigade of 82nd Airborne troops deployed to Kuwait in early January as tensions with Iran mounted over rocket attacks in Iraq by Tehran’s proxies and attempts by Iran-backed Shia militias and their supporters to storm the U.S. Embassy in Baghdad.
The brigade took various security precautions before deploying by telling the paratroopers to leave behind personal communications devices, phones and laptops.
“Anything considered a personal electronic device. All those things,” Burns previously told Army Times. “But banned is a harsh word. The decision was made so soldiers weren’t put at risk.”
The decision was intended to both ensure that sensitive information pertaining to the deployment and mission was not shared outside official channels, and also to prevent any potential cyberattacks against the soldiers.