Friday September 6 2013
– At first glance, they may just seem like pro-Assad thugs and online vandals, commandeering websites in the name of their favourite dictator. But the hacker group known as the Syrian Electronic Army is getting more ambitious and sophisticated, says experts who have looked closely at the tactics underlying their attacks.
The hackers may even be receiving outside help from more skilled and dangerous groups – or even from governments.
The Syrian Electronic Army has been around since 2011, and so far has been known mostly for relatively simple acts of vandalism such as website defacements. Most recently, the group grabbed international attention after commandeering the websites of the The New York Times, The Washington Post and this week the recruitment website for the US Marine Corps.
But this year the group started to up its game. It went after bigger targets, as when it hijacked the Twitter feed of the Associated Press and sent out a false report about a bombing at the White House. But it also hacked into web-based communications services used by Syrian rebels to avoid detection by the regime. The goal presumably wasn’t to vandalise those sites, but to gather information about the rebels using them.
As the army’s ambition has grown, so has its skill level. The attack on The New York Times effectively gave it control of the entire website. It was accomplished not by a frontal assault, but by changing information in the Domain Name System databases via a company in Melbourne. Anyone who tried to visit the Times website was redirected to another site under the Syrian Electronic Army’s control, sporting its logo. Not exactly high-end tradecraft, but not the work of simple vandals, either.
So how did the army get better in only a few months?
“I don’t think it would be unreasonable to suspect someone more skilled is helping them out,” said Adam Meyers, vice-president of intelligence for security firm CrowdStrike.
If Iranian forces have joined forces with the Syrian Electronic Army, that could be a problem for the US. Iranian hackers have already demonstrated their prowess, and they don’t limit themselves to single website attacks and propaganda campaigns. Last year, an operation that erased data on tens of thousands of computers at the oil company Saudi Aramco, as well as a massive denial of service attack on the websites of US banks, which were both attributed to Iran, sent waves of panic throughout US intelligence and law enforcement agencies.
But, if the US attacks Syria, officials are preparing for a retaliatory strike in cyberspace by forces allied with the Syrian regime. The FBI is warning companies and government agencies to brave for possible cyber strikes.
– Shane Harris