Initial Disclosure Date: Sep 4, 2013

The Syrian Electronic Army (SEA) or Syrian Electronic Soldiers is a collection of pro-Syrian President Bashar al-Assad hacktivists. In 1989, Bassel al-Assad, the brother of the president, established the Syrian Computer Society (SCS), which is affiliated with the Ministry of Information and Ministry of Higher Education, to "introduce information technology to all the economic sectors in Syria." The SCS launched the SEA in May 2011.^(footnote:1) On its website, the SEA argues that they are "a group of enthusiastic Syrian youths who could not stay passive towards the massive distortion of facts about the recent uprising in Syria." A website which is seemingly designed by SEA members disclaims the connection between the group and the Syrian government, explaining they do not receive orders from the regime.^{(footnote::2)}

SEA's targets are media websites and twitters. For example, the group hijacked the Associated Press twitter account and sent a false tweet feed to claim that President Obama injured by explosions at the White House on April 23, 2013. This dropped the Dow Jones Industrial Average by approximately 150 points for seconds until traders learned the message was not true.^(footnote:3) The bogus twitter feed also pushed down the Standard & Poor's 500 Index temporarily and affected 136 billion US dollars in market value.^(footnote:4) In addition, other major media such as the BBC, CBS News, Financial Times, Guardian, and Reuters have been also hacked. The SEA uses a wide variety of tactics from DDoS attacks to social engineering and phishing emails with Trojan attached.^(footnote:5)

On August 27, the SEA took control over the domains of the New York Times and its twitter after compromising Melbourne IT, an Australian DNS register reseller by a phishing attack to access the reseller's login credentials. The hacktivist group changed DNS details to take New York Times website visitors to a different website hosted by the SEA.^(footnote:6)

On August 28, an alleged SEA member told ABC News in email exchanges, "All American sites will be our targets and we may be more destructive" after US government officials indicated possible missile strikes against Syria.^(footnote:7) A SEA spokesman responded to BBC News' email interview, "Our main mission is to spread truth about Syria and what is really happening." He also implied that the hacktivist group plans "many surprises" to come.^(footnote:8)

Michael Chertoff, former Secretary of the Department of Homeland Security, expects SEA's retaliation could target the websites of high profile organizations such as banks and the media.^(footnote:9) On September 2, the SEA defaced a recruiting website for the U.S. Marine Corps by posting images and a message on the website (www.marines.com) by signing "delivered by SEA." The miscreant also encouraged Marines to "refuse your orders" to attack Syria. According to the Department of Defense, the website was restored after a few hours.^{(footnote:10)}

If the SEA hijacks media's twitter account and posts a bogus message to cause social turmoil just like this April, the Japanese economy could be also affected. Although there is no known cyber-attacks launched by the SEA directly on any Japanese organization yet, Japan needs to heighten alert level to potential U.S. strikes against Syria and consequent cyber retaliation.

Sources:

1. Jeffrey Carr, "Syrian Electronic Army: Background, Operations, Gov't Affiliations," Digital Dao, April 25, 2013,
   http://jeffreycarr.blogspot.jp/2013/04/syrian-electronic-army-briefing.html#!/2013/04/syrian-electronic-army-briefing.html
2. Sarah Fowler, "Who is the Syrian Electronic Army?" BBC News, April 25, 2013,
   http://www.bbc.co.uk/news/world-middle-east-22287326
3. Gerry Smith, "AP Twitter Debacle Shows Why Companies Should Be Fined If They Get Hacked, Regulator Says," Huffington Post, April 25, 2013,
   http://www.huffingtonpost.com/2013/04/25/ap-twitter_n_3155912.html
4. Michael Riley and Chris Strohm, "Banks, Utilities Seen as Targets of Syrian Cyber-Attacks," Bloomberg, August 29, 2013,
   http://www.bloomberg.com/news/2013-08-28/banks-utilities-seen-as-targets-of-syrian-cyber-attacks.html
5. Associated Press, "'Syrian Electronic Army' takes credit for hacking New York Times website," August 27, 2013,
   http://www.cbsnews.com/8301-201_162-57600369/syrian-electronic-army-takes-credit-for-hacking-new-york-times-website/
6. Steven J. Vaughan-Nichols, "How the Syrian Electronic Army took out the New York Times and Twitter sites," ZDNet, August 28, 2013,
   http://www.zdnet.com/how-the-syrian-electronic-army-took-out-the-new-york-times-and-twitter-sites-7000019989/ , and Dave Lee, "New York Times and Twitter struggle after Syrian hack," BBC News, August 28, 2013, http://www.bbc.co.uk/news/technology-23862105
7. Lee Ferran, "Syrian Electronic Army Threatens Response to U.S> Strike, Experts Skeptical," ABC News, August 29, 2013,
   http://abcnews.go.com/Blotter/syrian-electronic-army-threatens-response-us-strike-experts/story?id=20105500
8. Dave Lee, "Syrian Electronic Army hackers say 'many surprises' planned," BBC News, August 30, 2013,
   http://www.bbc.co.uk/news/technology-23899140
9. Michael Riley and Chris Strohm, "Banks, Utilities Seen as Targets of Syrian Cyber-Attacks," Bloomberg, August 29, 2013,
   http://www.bloomberg.com/news/2013-08-28/banks-utilities-seen-as-targets-of-syrian-cyber-attacks.html
10. Charles Abbott, "Pro-Syria hackers put anti-attack message on U.S. Marines site," Reuters, September 2, 2013,
    http://www.reuters.com/article/2013/09/02/us-syria-crisis-hackers-idUSBRE9810IF20130902

※ Each company name, an organization name, and a brand name are a trade name of each company and each organization, or a registered trademark.