Skip to main content
Advertising

Originally published September 4, 2013 at 8:49 PM | Page modified September 5, 2013 at 2:14 PM

  • Share:
           
  • Comments (8)
  • Print

How did Syria’s hackers suddenly get so good?

The Syrian Electronic Army, which purports to back Syria’s government and is known for hacking into media websites and even the U.S. Marines recruiting site this week, is getting more ambitious and sophisticated, and may even be receiving help from Iran.

Foreign Policy

Most Popular Comments
Hide / Show comments
Sounds like a good pro-war propaganda piece! There is no proof the Syrian Govt did any... MORE
So then, the Syrians are just front tools for the Iranians. Just like Obama is a... MORE
ChooseLiberty - Sounds like a good pro-war propaganda piece! There is no proof the... MORE

advertising

WASHINGTON — The hacker group known as the Syrian Electronic Army (SEA) is getting more ambitious and sophisticated, say experts who’ve looked closely at the tactics underlying their attacks. The hackers may even be receiving outside help from more skilled and dangerous groups — or even from governments.

The SEA has been around since 2011, and, so far, has been known mostly for relatively simple acts of vandalism, like website defacements. Most recently, the group grabbed international attention after commandeering the websites of The New York Times, The Washington Post, and this week the recruitment website for the U.S. Marine Corps.

Last spring, the group went after bigger targets, as when it hijacked the Twitter feed of The Associated Press and sent out a false report about a bombing at the White House. But it also hacked into Web-based communications services used by Syrian rebels to avoid detection by the regime. The goal presumably wasn’t to vandalize those sites but to gather information about the rebels using them.

As the SEA’s ambition has grown, so has its skill level. The attack on The New York Times effectively gave the group control of the entire website. It was accomplished not by a frontal assault, but by changing information in the Domain Name System databases via a company in Australia. Anyone who tried to visit the Times website was redirected to another site under the SEA’s control, sporting its logo.

“The [SEA] apparently uses low-level tactics to compromise websites and Twitter accounts, but they should not be underestimated,” says Helmi Noman, the senior researcher at Citizen Lab, a research group at the University of Toronto that studies hacker networks. “They should not be evaluated based on their level of sophistication, but rather on the potential damage they can cause with unauthorized access to websites.”

So how did the SEA get better in only a few months?

“I don’t think it would be unreasonable to suspect someone more skilled is helping them out,” says Adam Myers, the vice president of intelligence for CrowdStrike, a computer-security company.

In attacks on the Times, Twitter and communications services such as Tango, popular video and text-messaging applications, and Viber, which lets users make free phone calls via the Internet, the SEA got access to accounts as well as to other data in company systems.

“That would indicate that they’re been improving [their methods] over the past couple months. I would not rule out some outside influence giving them pointers,” Myers says. “I think the likely candidates would be Iran.”

Last year, an operation that erased data on tens of thousands of computers at the oil company Saudi Aramco, as well as a massive denial of service attack on the websites of U.S. banks, which were both attributed to Iran, sent waves of panic throughout U.S. intelligence and law-enforcement agencies.

But officials are preparing for a retaliatory strike in cyberspace by forces allied with the Syrian regime. In anticipation of those strikes, the FBI is more closely monitoring Syrians inside the United States and is warning companies and government agencies to brace for possible cyber strikes. U.S. intelligence agencies are also monitoring potential Syrian cyber attacks and keeping lawmakers informed, according to a congressional staffer.

News where, when and how you want it

Email Icon

Get ready for 2015

Get ready for 2015

The Seattle Times 12-month wall calendar features hand-picked photos of life in the Pacific Northwest. Order while supplies last!

Advertising

Partner Video

Advertising


Advertising
The Seattle Times

The door is closed, but it's not locked.

Take a minute to subscribe and continue to enjoy The Seattle Times for as little as 99 cents a week.

Subscription options ►

Already a subscriber?

We've got good news for you. Unlimited seattletimes.com content access is included with most subscriptions.

Subscriber login ►