Syrian Electronic Army Cyberattacks

The Syrian Electronic Army attacked again this week, compromising the websites of the New York Times, Twitter, the Huffington Post, and others.

Political hacking isn't new. Hackers were breaking into systems for political reasons long before commerce and criminals discovered the Internet. Over the years, we've seen U.K. vs. Ireland, Israel vs. Arab states, Russia vs. its former Soviet republics, India vs. Pakistan, and US vs. China.

There was a big one in 2007, when the government of Estonia was attacked in cyberspace following a diplomatic incident with Russia. It was hyped as the first cyberwar, but the Kremlin denied any Russian government involvement. The only individuals positively identified were young ethnic Russians living in Estonia.

Poke at any of these international incidents, and what you find are kids playing politics. The Syrian Electronic Army doesn't seem to be an actual army. We don't even know if they're Syrian. And -- to be fair -- I don't know their ages. Looking at the details of their attacks, it's pretty clear they didn't target the New York Times and others directly. They reportedly hacked into an Australian domain name registrar called Melbourne IT, and used that access to disrupt service at a bunch of big-name sites.

We saw this same tactic last year from Anonymous: hack around at random, then retcon a political reason why the sites they successfully broke into deserved it. It makes them look a lot more skilled than they actually are.

This isn't to say that cyberattacks by governments aren't an issue, or that cyberwar is something to be ignored. Attacks from China reportedly are a mix of government-executed military attacks, government-sponsored independent attackers, and random hacking groups that work with tacit government approval. The US also engages in active cyberattacks around the world. Together with Israel, the US employed a sophisticated computer virus (Stuxnet) to attack Iran in 2010.

For the typical company, defending against these attacks doesn't require anything different than what you've been traditionally been doing to secure yourself in cyberspace. If your network is secure, you're secure against amateur geopoliticians who just want to help their side.

This essay originally appeared on the Wall Street Journal's website.

Posted on September 3, 2013 at 1:45 PM • 20 Comments

Comments

MiramonSeptember 3, 2013 2:07 PM

And now Anonymous claims to have hacked the ESA.

But so far all this is really little more than petty vandalism. The loss a half-day's online revenue at few news sites is just not that big a deal -- symbolic, but not very scary. A single mugging is a worse crime, really.

When they graduate to disrupting infrastructure systems and facilities, though -- then it will be a major event. And unfortunately, from a kid hacker's point of view, there may not be much difference between dropping a misspelled manifesto on a front page and taking a power plant offline, or for that matter, taking down the entire national grid.

BartenderSeptember 3, 2013 3:09 PM

...and how do we know it is The Syrian Electronic Army and not some CIA False-Flag-Department operated by some implant in middle east?

name.withheld.for.obvious.reasonsSeptember 4, 2013 1:28 AM

Having witnessed the senate hearing on the authorization of the use of force (it was mentioned that this isn't a declaration of war) which is problematic. Why doesn't the US force the neighbors to do the equivalent of rising a barn. Tell Saudia Arabia, Jordon, Isreal, Turkey, Iraq, France, and Spain--the carrot is US foreign aid that we already provide many of these countries. Get NATO to be the coordinating organization and we stay the hell out. Why do we believe we always have to stick our reproductive organ in everyone else.

With the AUMF not a declaration of war, how is it congress and the executive get to exercise "War Powers". We are such hypocrites.

Anonymous Service MemberSeptember 4, 2013 3:41 AM

@name.withheld.for.obvious.reasons

- Why do we believe we always have to stick our reproductive organ in everyone else.

There is less than 1% of the us population in the military... so "we" really aren't doing anything... But I think I see where you are coming from.

Having said that, as a recently retired US service member, I would definitely like to see our government a little more conservative with the use of military force in this case. I'm not saying the government's position should be "the US won't attack under any circumstances." I would like to see the govt make its case that ongoing Syrian activities are a threat to US national security to the degree that it requires military action, and that the military action will have a probable positive affect. I haven't seen that yet.

Clive RobinsonSeptember 4, 2013 4:14 AM

@ name.witheld.for.obvious.reasons,

The problem is one of "goodmen stoping badmen" where the badmen do not beleive they are "badmen" but actualy "goodmen stoping badmen" and worse the hands of the "goodmen" are none to clean and most suspect them of having desires on the goods and chatles currently owned by the "badmen" thus others view the "goodmen" as actually being "badmen"...

So to the others there is little or no difference between the supposed "goodmen" or those they alledge are "badmen".

Back at the end of WWI it was decided to set up a court of judgment where nations would sanction the behaviour of other nations and it was called the League of Nations and it failed.

One of the reasons history gives for the LoN failure was that the "major nations" did not support it out of self interest.

WWII happened and after that it was decided to set up a court of judgment where nations would sanction the behaviour of other nations and it is called the United Nations and it is failing.

One of the reasons history gives for the UN failure is that the "major nations" do not support it out of self interest.

And the reason the "major nations" get away with it is because firstly the are permanent members of the security council and secondly they have an absolut veto on the decisions the security council can make resolutions on.

It's wrong, it's not democratic and the "major nations" are not going to alow it to be any other way out of self interest.

So as long as a non major nation can get a major nation to veto a decision then there will be no UN security council resolution. But worse (US&Israel) even if by some chance a resolution unfavourable to the non major nation does happen then the major nation can still veto the resolution being actioned.

Currently Syria has Russia on their side, thus every nation knows the UN security council will only talk any notion of a resolution to death.

Whilst it is possible for a nation to "defend its self if attacked" it is a war crime to start hostilities by attacking another nation unless it can be shown to be a defensive measure, which is proportianate / necesarry or what ever the legal minds can come up with as an excuse...

The problem we have is that for a very large number of reasons Syria is at war with it's self, subsiquently others have crossed it's borders to fight their wars under the cover of this civil war. The number of deaths so far are in the high thousands, and refugees are up in the low millions.

The Syrian regime are not the first to use chemical weapons against those they rule, the major nations on the UN security council have dirty hands in this respect and the public know this and nolonger regard WMD existance or use as a reason to go to war especialy when this will mean boots on the ground in some distant foreign nation which will turn into a war of attrician where hundreds of thousands more will die.

The politico's know this and thus they are talking no boots or pilots just missiles and drones. What they are desperatly hoping is that the electorate won't realise that missile and drone attacks might be safe for "military personel" but the knock on effect will be attacks by the disaffected on soft civilian targets in the next twenty to fifty years or so be it when they are at home, at work, socialising or on holiday.

The safe route for the civilians is for the politicos to do nothing unless the conflict goes outside Syrian borders.

But what lies under much of the middle east and other parts of the world strife and unrest is not politics but faith, since the death of the Islamic Prophet with no clear succesion the Islamic faith fragmented and attacked each other. The result was refuge migration to avoid the conflicts and in the process taking their respective views on the Islamic faith with them far and wide. However modern transport has made no place on the planet "to distant" and some parts of Islam still feel the need to attack other parts violently as well as attacking other faiths.

We see with Syria more refugee migration and with it we will see more refugee camps, attacks on the camps and disaffection giving rise to radicalised youth a very few of whom will turn or be turned into terrorists. The only question then is who they will terrorise and why...

The underlying Islamic factions are the seeds of war, the current Syrian war is the wind that spreads the seed, but in which direction is not yet known. The trick is to remain upwind or be stony ground.

What is needed is a fast settlement to the Syrian conflict and for refugees to return home as quickly as possible, then for the Syrian people to find their own political solution that is acceptable to all.

The problem we are seeing with Egypt is due to their own political solution becoming unacceptable not just a few but many. This tends to suggest that many do not want a faith based political system but one that treats all the same irespective of faith, sect, creed or race, which can only happen if tollerance and respect for all happens.

One thing is sure that it will not happen via conflict, history has shown us this repeatedly. Unfortunatly history has few examples by which a peacefull route has achieved the same objective, and those have few commonalities from which lessons can be drawn. Which makes it difficult to use them as a template to achieve peace.

wiredogSeptember 4, 2013 6:04 AM

One thing is sure that it will not happen via conflict, history has shown us this repeatedly.
To quote WFB (on the subject of a different Middle-Eastern conflict):
Of course, wars can accomplish things, as the Carthaginians and the Nazis learned.

name.withheld.for.obvious.reasonsSeptember 4, 2013 7:26 AM

@ Clive Robinson

Whilst it is possible for a nation to "defend its self if attacked" it is a war crime to start hostilities by attacking another nation unless it can be shown to be a defensive measure, which is proportianate / necesarry or what ever the legal minds can come up with as an excuse...

Yes, I don't believe it is possible to invoke "War Powers" to affect a geo-political issue (as imagined) that is a civil war. The court in the Hague would not see this as a sufficient "excuse" if those who go forward with this. Cannot believe that after the debacle that was the "Case for Going to War" show that we were treated to in 2003... I remember Tony Blair (45 minutes to ...). Kerry reminded me of Colin Powell at the UN. It is theatre of the first order, the problem is that many of the stage hands will be killed during the show. Oh yeah, and how many Sunni refuges (I believe it was +1 million) left Iraq to go to Syria prior to the U.S. invasion...we caused this issue.

The politico's know this and thus they are talking no boots or pilots just missiles and drones. What they are desperatly hoping is that the electorate won't realise that missile and drone attacks might be safe for "military personel" but the knock on effect will be attacks by the disaffected on soft civilian targets in the next twenty to fifty years or so be it when they are at home, at work, socialising or on holiday.

This is the tragedy of the ready military tech strategy--easy to kill someone when you don't have to do it. I have said before, there is no honor (and I don't believe in the empty patriotic/romantic vision of war) in taking the cowards way out--you have to pull the trigger, pin, or hair--not your metal proxy. And those that see honor in War (many cultures do) this is seen as the most cowardly act--making the attacker a definitive target for future generations. Also, as you mentioned we have been busy trying to install democracy 2.0 around the world using the barrel of gun. And, the cultural we insist install the new version of democracy cannot even spell democracy let alone own a device to install the democracy on.

Other countries need to start holding the United States responsible--the world court is probably the only place to make a stand. Other countries are going to have to become "non-cooperative".

On a side note:
The British Parliament was wonderful to watch, the debate was at some level genuine...compare that to our blokes that are nothing but dunces. I believe the tolerance for our arrogance and ignorance will diminish to near zero...

Nick PSeptember 4, 2013 10:44 AM

" Attacks from China reportedly are a mix of government-executed military attacks, government-sponsored independent attackers, and random hacking groups that work with tacit government approval. " (Bruce)

Simply and nicely worded.

"For the typical company, defending against these attacks doesn't require anything different than what you've been traditionally been doing to secure yourself in cyberspace. If your network is secure, you're secure against amateur geopoliticians who just want to help their side." (Bruce)

Exactly. Good ITSEC = good CYBERWARSEC. ;)

WaelSeptember 4, 2013 11:24 AM

@ Clive Robinson,

"The problem is one of "goodmen stoping badmen" where the badmen..."

Err, your analysis is inaccurate in my view. I'd like to comment on that, but will take us way off topic. Your information about the history of Islam is mostly inaccurate, and I'll not elaborate more on that subject matter, except to say, its royally exaggerated.

The problem we are seeing with Egypt is due to their own political solution becoming unacceptable not just a few but many

This analysis is simply wrong, as it considers only one dimension. There are many other factors to consider (internal and external)

kingsnakeSeptember 4, 2013 3:53 PM

The last time someone in the Middle East (Saddam) gassed his civilians (the Kurds) he used gas provided by the USA. I'm just sayin ...

Dirk PraetSeptember 4, 2013 5:46 PM

Brian Krebs has recently been doing a couple of interesting articles on the SEA, as has Vice.com . You can find them here, here and here.

Following an alleged breach of their own site in April, top SEA members appear to include a 19-year old living in St. Petersburg, Russia. Seems like Lulzsec revisited to me, but I just can't prevent a faint smile from appearing on my face every time a bunch of script kiddies succeed in subverting high profile sites or installations, making their owners and IT staff look negligent or incompetent.

They make a much better case for doing security right than the most eloquent salesrep or keynote speaker. After all, if you can't even properly defend against this type of attacks, then your *ss is pretty much grass in the face of organised crime and state actors.

Dirk PraetSeptember 4, 2013 7:22 PM

@ Kingsnake

The last time someone in the Middle East (Saddam) gassed his civilians (the Kurds) he used gas provided by the USA.

The Independent recently brought out that the UK Government in 2012 granted export licences to a British company for two chemicals capable of being used to make a nerve agent such as sarin. The permits were eventually revoked in response to tightened European Union sanctions.

To me, it is still all but proven who was behind these attacks. I'm with Mr. Putin when he says that anyone claiming to have irrefutable evidence can present it at the UN or the Security Council. The last time a representative of the USUK axis addressed the SC about proof of WMD's, it turned out be less than correct information.

Wesley ParishSeptember 4, 2013 7:28 PM

OT on Syrian Gas Attack: everything the current US administration says about the SGA sounds like a rehash of the Bush Administration on the dire threat posed by Iraq in 2003. Playing with people's lives. I can't blame the Syrian Electronic Army, at all.

On-Topic: in the light of this I might wish for a more serious approach to war-fighting on their part.

Or in other words, the NSA is proving to be the major threat, and as the various US Administrations have shown themselves to be the handmaidens of the 1% who are threatening human life through misinformation concerning global warming and climate change, and the NSA is set to enable the crushing of any realistic opposition to a global civil society challenge to the status quo, the NSA stranglehold is for all intents and purposes a death threat.

Clive RobinsonSeptember 5, 2013 3:07 AM

@ Dirk Praet,

With regards USUK and UN-SC and last time around, I happened to have time on my hands yesterday whilst undergoing some medical tests, and they had Sky News on with an extended interview with Hans Blix. He made the same points and a few others that the UN is the place to take the evidence.

However the problem with the UN-SC is the permanent members who have veto rights... Which puts them in the "one rule for us another for the rest of you" position. And currently the Syrians have the protection of Russia and probably China as well.

So presenting the evidence to the UN-SC may not actually achive a "mandate for military action" via a resolution.

Which might be no bad thing, because at the end of the day it is the people who live on Syrian soil that need to determin their own future via peacefull political action not via bombs and bullets.

If we make one step back from the armed conflict, it's fairly easy to realise that "armed conflict" can only happen when the beligerants have access to "arms". Further it's easy to see that nearly all nations do not have the spare manufacturing capability to make modern weapons, thus they buy them in from those nations that do. And perhaps not coincidently these nations that manufacture the weapons sold to other nations just happen to be the "major powers" some of whom are UN-SC permanent members...

As Shakespear once noted "There's something rotten in the state of Denmark"[1].

Perhaps if we stopped inventing and manufacturing new ever more deadly weapons to make war with and in effect stopped "drug dealing" them to the rest of the world there would be less inclination by those nations to make war as a first not a last resort...

[1] My appologies to those who live in Denmark, the Shakespearian observation is not about your country but about corruption at the highest levels of politics.

JohnJSeptember 5, 2013 8:55 AM

@Wesley Parish: "I can't blame the Syrian Electronic Army, at all."

I can. SEA is going after media outlets, not military or government sites. They are, in effect, attacking civilians.

Dirk PraetSeptember 5, 2013 11:10 AM

@ Clive

However the problem with the UN-SC is the permanent members who have veto rights

The proverbial nail on the head. But presenting hard evidence at the UN-SC would at least give the impression of playing the game by the book, in the process discrediting other nations using their veto right in spite of irrefutable facts. Any permanent SC member state consistently abusing its position or outright ignoring the UN eventually loses any and all credibility or moral authority on the world stage.

This doesn't quite seem to sink in with either POTUS or Secretary of State Kerry, who in their speeches desperately try to profile an intervention in Syria as the humanitarian thing to do, but in the eyes of much of the world have exactly zero credibility left as to the morality of their intentions. America's foreign policy for the last decades has had nothing to do with the proliferation of freedom, democracy and human rights, but with it's own corporate and strategic interests only.

Any US politician who thinks that there's still many people left buying into their hollow rhetoric and outside their own largely uninformed and uninvolved home audience needs to have his head examined.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..