Initial Disclosure Date: Sep 4, 2013
The Syrian Electronic Army (SEA) or Syrian Electronic Soldiers is a collection of pro-Syrian President Bashar al-Assad hacktivists. In 1989, Bassel al-Assad, the brother of the president, established the Syrian Computer Society (SCS), which is affiliated with the Ministry of Information and Ministry of Higher Education, to "introduce information technology to all the economic sectors in Syria." The SCS launched the SEA in May 2011.(footnote:1) On its website, the SEA argues that they are "a group of enthusiastic Syrian youths who could not stay passive towards the massive distortion of facts about the recent uprising in Syria." A website which is seemingly designed by SEA members disclaims the connection between the group and the Syrian government, explaining they do not receive orders from the regime.(footnote::2)
SEA's targets are media websites and twitters. For example, the group hijacked the Associated Press twitter account and sent a false tweet feed to claim that President Obama injured by explosions at the White House on April 23, 2013. This dropped the Dow Jones Industrial Average by approximately 150 points for seconds until traders learned the message was not true.(footnote:3) The bogus twitter feed also pushed down the Standard & Poor's 500 Index temporarily and affected 136 billion US dollars in market value.(footnote:4) In addition, other major media such as the BBC, CBS News, Financial Times, Guardian, and Reuters have been also hacked. The SEA uses a wide variety of tactics from DDoS attacks to social engineering and phishing emails with Trojan attached.(footnote:5)
On August 27, the SEA took control over the domains of the New York Times and its twitter after compromising Melbourne IT, an Australian DNS register reseller by a phishing attack to access the reseller's login credentials. The hacktivist group changed DNS details to take New York Times website visitors to a different website hosted by the SEA.(footnote:6)
On August 28, an alleged SEA member told ABC News in email exchanges, "All American sites will be our targets and we may be more destructive" after US government officials indicated possible missile strikes against Syria.(footnote:7) A SEA spokesman responded to BBC News' email interview, "Our main mission is to spread truth about Syria and what is really happening." He also implied that the hacktivist group plans "many surprises" to come.(footnote:8)
Michael Chertoff, former Secretary of the Department of Homeland Security, expects SEA's retaliation could target the websites of high profile organizations such as banks and the media.(footnote:9) On September 2, the SEA defaced a recruiting website for the U.S. Marine Corps by posting images and a message on the website (www.marines.com) by signing "delivered by SEA." The miscreant also encouraged Marines to "refuse your orders" to attack Syria. According to the Department of Defense, the website was restored after a few hours.(footnote:10)
If the SEA hijacks media's twitter account and posts a bogus message to cause social turmoil just like this April, the Japanese economy could be also affected. Although there is no known cyber-attacks launched by the SEA directly on any Japanese organization yet, Japan needs to heighten alert level to potential U.S. strikes against Syria and consequent cyber retaliation.
Sources:
日立システムズは、システムのコンサルティングから構築、導入、運用、そして保守まで、ITライフサイクルの全領域をカバーした真のワンストップサービスを提供します。