WASHINGTON — A Syrian hacking group’s reported defacing of Qatari government webpages over the weekend could signal a new direction for the organization that has infiltrated Western news websites and is loyal to Bashar Assad, the civil-war-torn country’s embattled president.
Still, U.S. cybersecurity experts said they don’t expect the so-called Syrian Electronic Army to take steps as drastic as compromising U.S. nuclear facilities or crippling the critical infrastructure of a major world power through a cyber attack — at least not in the near future, and not without help from other countries.
The Syrian Electronic Army is loyal to Assad, though U.S. analysts say its specific ties to the regime are not clear. The group in recent months has targeted news and communications websites in and out of the United States, with suspected actions including disabling the New York Times’ page in August and posting pro-Assad messages on a U.S. Marines Corps page in September. It infamously caused U.S. stock markets to dip in April after posting a fake news alert about a White House bombing on the Associated Press’ Twitter page.
This past Sunday, Qatari officials said they recovered government websites targeted by the Syrian Electronic Army, including the Qatari interior ministry’s site, according to Middle Eastern news reports.
“It’s pretty interesting that (the Syrian Electronic Army) went to Qatar,” said Christopher Ahlberg, CEO and cofounder of Recorded Future in Cambridge, Mass., a company that tracks computer infiltrations around the world. The Syrian Electronic Army reportedly said it targeted Qatar because it supports Syrian rebels. In an interview with Global Security Newswire, Ahlberg also pointed to another possible motivation: “Maybe it’s because the attractive targets in the U.S. and the U.K. are now locked down now, so they have to go elsewhere.”
If that is the case, more countries could be subject to the Syrian Electronic Army’s tactics, which are described in recent reports by network-security company Fire Eye, internet-content-delivery firm Akamai and Washington think tank the Center for Strategic and International Studies. Those actions include website defacings, denial-of-service attacks, “phishing” campaigns to trick computer users to reveal passwords and sensitive codes, and e-mail spamming of governments, media outlets and online services.
Previously, the Syrian hacking group had been tied to some attacks of government websites — including a reportedly failed attempt to disrupt the water supply in the Israeli city of Haifa and a potentially successful breach of the Saudi Arabian Ministry of Defense email system, both in May. However, the validity of those reports has been questioned, according to U.S. analysts. Akamai’s Oct. 16 report also says the Syrian Electronic Army “has been associated with the posting of pro-Syrian propaganda” to the Facebook pages of the U.S. Embassy in Damascus, U.S. Department of State, U.S. Department of Treasury, the White House and President Obama.
The U.S. National Security Agency is believed to be investigating the Syrian Electronic Army, by accessing some members’ computers and networks to understand if they have the capability to launch a larger attack, according to Matthew Rhoades, the director of the Cyberspace & Security Program at the Center for National Policy & Truman National Security Project in Washington. A worst-case scenario could be a catastrophic cyber attack on U.S. critical infrastructure, including nuclear reactors.
Rhoades, though, in an interview with GSN said he doesn’t “know that there is a capability or an intent within these Syrian groups as of today to pursue and successfully complete one of those attacks.”
“As far as capabilities, they’re considered to be on the lower end of the spectrum,” he said. “They’re motivated by political reasons right now. So that’s why they go after media outlets. That’s why they go after some government organizations. That’s why they go after anti-Assad groups. They do not appreciate the coverage … [of the] sort of pro-West, anti-Assad news media.”
Ahlberg said the Syrian Electronic Army is “not the most sophisticated” group of hackers, when compared to their counterparts in Russia, who have targeted foreign banks, and in China, who have sought military secrets.
It is unclear if the Syrian Electronic Army has connections to more-advanced hacking groups from other nations that are critical of U.S. policy, Rhoades said.
“Iran and Russia would worry me the most, and for two separate reasons,” he said. “Russia, because they’re highly sophisticated, and so if there’s some sort of educational component between the two, that could greatly expand Syrian capabilities. … (And) If anybody was motivated to do something on the cyber-attack side of the scale, from a nation-state perspective, you would imagine it would be Iran.”
While U.S.-Iranian relations are improving, Rhoades noted they still are tenuous.
Kenneth Geers, a senior global threat analyst for Milpitas, Calif.-based FireEye, said the United States “absolutely” should be concerned about Russian and Iranian hackers training and aiding the Syrian Electronic Army.
“Cyberspace is a reflection of traditional social, political, and military affairs,” he said in an emailed response to questions. “Russia and Iran are Syria’s allies in traditional space, so they are Syria’s allies in cyberspace.”
Geers, whose past government roles include stints at the National Security Agency and NATO, said he believes two factors suggest the Syrian Electronic Army possesses an “advanced persistent threat,” which he defines as having the direct or indirect support of a nation state: “First, the duration of SEA’s attacks: over two years; second, their gravity: within a week in July 2013, SEA compromised international communications websites used by hundreds of millions of users around the world,” he said.
A U.S. Department of Defense spokesman declined to talk specifically about what the United States is doing to monitor and defend against cyber attacks from Syria.
Air Force Lt. Col. Damien Pickart, though, in an emailed response to questions noted: “We’ve seen a series of attacks claimed by the Syrian Electronic Army over the past several years, so the recent attacks were not a new phenomenon.”
He said the Pentagon “takes seriously its mission to defend the nation from any group that attempts to use cyberspace to threaten U.S. security or national interests.”
The U.S. government routinely shares threat information with the private sector through the Department of Homeland Security in order to “mitigate much of the threat activity we have seen recently,” the Pentagon spokesman noted.
What We're Following See More »
Foreign Policy takes a look at the future of mining the estimated "100,000 near-Earth objects—including asteroids and comets—in the neighborhood of our planet. Some of these NEOs, as they’re called, are small. Others are substantial and potentially packed full of water and various important minerals, such as nickel, cobalt, and iron. One day, advocates believe, those objects will be tapped by variations on the equipment used in the coal mines of Kentucky or in the diamond mines of Africa. And for immense gain: According to industry experts, the contents of a single asteroid could be worth trillions of dollars." But the technology to get us there is only the first step. Experts say "a multinational body might emerge" to manage rights to NEOs, as well as a body of law, including an international court.
Not to be outdone by Jeffrey Goldberg's recent piece in The Atlantic about President Obama's foreign policy, the New York Times Magazine checks in with a longread on the president's economic legacy. In it, Obama is cognizant that the economic reality--73 straight months of growth--isn't matched by public perceptions. Some of that, he says, is due to a constant drumbeat from the right that "that denies any progress." But he also accepts some blame himself. “I mean, the truth of the matter is that if we had been able to more effectively communicate all the steps we had taken to the swing voter,” he said, “then we might have maintained a majority in the House or the Senate.”
Ronald Reagan's children and political allies took to the media and Twitter this week to chide funnyman Will Ferrell for his plans to play a dementia-addled Reagan in his second term in a new comedy entitled Reagan. In an open letter, Reagan's daughter Patti Davis tells Ferrell, who's also a producer on the movie, “Perhaps for your comedy you would like to visit some dementia facilities. I have—I didn’t find anything comedic there, and my hope would be that if you’re a decent human being, you wouldn’t either.” Michael Reagan, the president's son, tweeted, "What an Outrag....Alzheimers is not joke...It kills..You should be ashamed all of you." And former Rep. Joe Walsh called it an example of "Hollywood taking a shot at conservatives again."
In a sign that she’s ready to put a longer-than-expected primary battle behind her, former Secretary of State Hillary Clinton (D) is no longer going on the air in upcoming primary states. “Team Clinton hasn’t spent a single cent in … California, Indiana, Kentucky, Oregon and West Virginia, while” Sen. Bernie Sanders’ (I-VT) “campaign has spent a little more than $1 million in those same states.” Meanwhile, Sen. Jeff Merkley (D-OR), Sanders’ "lone backer in the Senate, said the candidate should end his presidential campaign if he’s losing to Hillary Clinton after the primary season concludes in June, breaking sharply with the candidate who is vowing to take his insurgent bid to the party convention in Philadelphia.”
The team behind the bestselling "Clinton Cash"—author Peter Schweizer and Breitbart's Stephen Bannon—is turning the book into a movie that will have its U.S. premiere just before the Democratic National Convention this summer. The film will get its global debut "next month in Cannes, France, during the Cannes Film Festival. (The movie is not a part of the festival, but will be shown at a screening arranged for distributors)." Bloomberg has a trailer up, pointing out that it's "less Ken Burns than Jerry Bruckheimer, featuring blood-drenched money, radical madrassas, and ominous footage of the Clintons."