Cyber Incident Victim: Chile Ministry of Defense
Date:
Feb 2015
Location:
Chile
Summary
The Chilean Ministry of Defense website was compromised by ISIS supporters who defaced its homepage with messages in English and Spanish, including claims of responsibility and religious statements. The brief intrusion, which lasted minutes, prompted immediate mitigation measures, including redirecting traffic to a subdomain and restoring the site; authorities confirmed no sensitive data or email systems were breached. An investigation was initiated to identify the perpetrators, marking the first known cyberattack by an extremist Islamist group targeting Chilean national infrastructure, contrasting with prior incidents attributed to anarchist actors. The ministry emphasized that security protocols prevented any compromise of critical information during the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On February 23, 2015, at approximately 22:30 local time (1:30 GMT), unidentified individuals claiming affiliation with ISIS compromised the official website of Chile's Ministry of Defense (www.ssdefensa.cl). The attackers replaced the homepage with defacement content displaying the word "Hacked" alongside the username "Saddam Hussein." Two language-specific messages appeared: an English statement reading "Sorry Admin Because Your Site Security is Low WE aRe ISIS" and Spanish text stating "Somos ISIS, no me olviden" ("We are ISIS, don't forget me") and "alá es el único DIOS" ("allah is the only GOD"). The unauthorized access lasted several minutes before ministry personnel detected the breach through activated security alarms. By early Tuesday, officials had removed the compromised page and redirected all web traffic to the subsecretary of defense's subdomain. A ministry statement confirmed no sensitive information, including email systems or classified data, was exposed during the incident. Technical teams restored full website functionality prior to the publication of reporting articles on February 26. Authorities announced plans to investigate the intrusion to identify responsible parties.
This incident marked the first publicly confirmed cyberattack against Chilean government infrastructure by actors claiming extremist Islamist motivations, contrasting with previous digital assaults attributed to anarchist groups targeting national websites. The ministry emphasized operational continuity despite the temporary disruption, noting defensive measures prevented escalation beyond superficial defacement. Historical context emerged through media reports highlighting Chile's 2003 position as the final UN Security Council member to endorse US-led military action against Saddam Hussein's Iraqi government, though no explicit connection between this historical stance and the attackers' pseudonym usage was formally established. No data exfiltration or secondary compromises were reported following forensic examination. The breach prompted internal security reviews but did not result in public disclosures regarding specific vulnerabilities exploited or long-term procedural changes.