Cyber Incident Victim: Ejército Argentino

On June 19, 2017, Argentina’s army publicly disclosed that its official website had been compromised by hackers who defaced it with content supporting the Islamic State militant group. The attackers replaced the site’s normal content with images of individuals dressed in black clothing, consistent with common ISIS propaganda imagery, accompanied by a threatening message stating, "This is a threat. ISIS is in Argentina and you will hear from us soon." The defacement remained visible to public visitors for approximately 20 minutes before the army’s technical teams successfully took the website offline to remove the unauthorized content. Army spokesperson Dolores San Martin, representing the communications department in Buenos Aires, confirmed the incident but stated investigators had not yet identified the perpetrators or their motives. The breach exclusively affected the army’s web presence, with no reported compromises of the Argentine air force or navy websites during the same period.

The army initiated an internal investigation to determine the intrusion’s origin and methods but did not disclose technical details about the attack vector or potential vulnerabilities exploited. No additional disruptive actions, such as data theft or secondary system compromises, were reported in connection with the incident. The Ministry of Defense did not provide an immediate public statement or commentary when contacted by Reuters, leaving the army as the sole official source of information. The incident’s primary operational impact was limited to temporary disruption of the army’s public website, with no evidence suggesting broader network infiltration or physical security implications. Public visibility of the defacement, though brief, generated media coverage highlighting cybersecurity vulnerabilities in state institutions. Argentina’s army maintained its website’s restoration without further elaboration on long-term security improvements or attribution findings.