The Syrian Electronic Army and the attack of Civilian Systems
In recent weeks, in the wake of the alleged use of chemical weapons by the Assad regime and the U.S. response, another type of attack took place originating from Syria – cyber-attacks. The victims included the New York Times, the U.S. Marine Corps’ recruitment page, the Huffington Post, and Twitter.
The group responsible is known as the Syrian Electronic Army (SEA) and is making itself known as the most prominent pro-Government Syrian hacking group in the conflict. The attacks by the SEA highlight the importance of cyber-warfare to a community that includes not only military and government organizations, but also security professionals in the civilian sector. Understanding the motives, capabilities, and tactics of groups like the SEA during a time of conflict is important so that corporations such as the Times can better adjust their security posture.
The SEA is thought to have its roots in an older organization known as the Syrian Computer Society – which was previously headed by current Syrian President Bashar al-Assad. Though their precise relationship to the Syrian government is unknown, they have taken a strong pro-regime stance. Specifically, the recent attacks were directed against western targets over the recent investigation into the use of chemical weapons. Their political stance has also put them in direct conflict with the hacking group Anonymous, which is in the process of conducting OpSyria – a cyber-campaign directed at toppling the Assad regime.
In many ways, groups like the Syrian Electronic Army are common among nations and non-state actors embroiled in a modern conflict who lack a more formal organization for the conduct of cyber-operations during a war. In our research for Introduction to Cyber-Warfare we have come across similar groups such as the Nashi in Russia, the pro-Hamas “Team Hell”, and the Iranian Cyber Army. Like the Syrian Electronic Army, all of these groups consist of politically motivated hackers – often referred to as “hacktivists.” We have noticed that, in general, such groups are formed with a few technically-savvy members as a core cadre and a larger number of politically motivated, but less proficient cyber-warriors. Some security researchers have already critiqued their attacks as rudimentary, and the recent hack of an alleged SEA server (thought to involve Anonymous) and subsequent release of member data is also indicative of a lack of sophistication.
However, we shouldn’t discount the SEA as a threat. They have still obtained quite a measure of success. Their hacks of major websites (mostly completed through DNS hijacking) did succeed in gaining headlines. Further, it would not be surprising if such attacks were leveraged to compromise systems – as the Iranian Cyber Army has previously done to build a botnet. We also note that the previous compromise of the Associated Press’s Twitter account in April proved highly effective. Once the SEA compromised this account, they posted a fake message of a terrorist attack on the White House, which caused a temporary plunge in the markets.
Hacktivist groups like the SEA that support a given nation or non-state actor will remain an important feature in the landscape of cyber-war – one that we must account for during a conflict. Understanding their capabilities, motives, and tactics is important, as the battlefield in a cyber-conflict has no boundaries. Security professionals need to consider these groups, as the compromise of a corporate system by a hacktivist group to make a political statement or launch an attack reflects poorly on a firm and could result in loss of revenue.
Paulo Shakarian’s new book Introduction to Cyber-Warfare: A Multidisciplinary Approach is now available for purchase at a 25% discount on the Elsevier Store.
*The opinions in this post are those of the author and do not necessarily reflect the opinions of the U.S. Military Academy, or the U.S. Army.*
About the Author:
Paulo Shakarian, Ph.D. is a Major in the U.S. Army and an Assistant Professor of Computer Science at the U.S. Military Academy (West Point), teaching classes on computer science and information technology as well as conducting research on cyber-security, social networks, and artificial intelligence. He has written over twenty papers published in scientific and military journals. Relating to cyber-warfare, he has written the paper “Stuxnet: Cyberwar Revolution in Military Affairs” published in Small Wars Journal and “The 2008 Russian Cyber-Campaign Against Georgia” published in Military Review.
His scientific research has also been well received, featured in major news media including The Economist and Nature. Previously, he has authored Geospatial Abduction: Principles and Practice published by Springer.
Paulo holds a Ph.D. and M.S. in computer science from the University of Maryland, College Park, a B.S. in computer science from West Point, and a Depth of Study in Information Assurance also from West Point. Paulo has served two combat tours in Operation Iraqi Freedom. His military awards include the Bronze Star, Meritorious Service Medal, Army Commendation Medal with Valor Device, and Combat Action Badge. Learn more about Paulo, at his website.
The opinions expressed within are solely those of the author and do not necessarily reflect the opinions of the US Military Academy, the US Army or the Department of Defense.