The Syrian Army Obama Can’t Bomb

If the U.S attacks, the Syrian Electronic Army is sure to step up its hacks. But is it any real threat?

National Journal
Brian Resnick
Sept. 10, 2013, 8:46 a.m.

The Za­patis­tas star­ted off tra­di­tion­ally — with a mi­li­tia a few thou­sand deep, homemade weapons, and AK-47s. On New Year’s Day 1994, the left­ist group took con­trol of sev­er­al towns in Chiapas, a re­gion in south­ern Mex­ico. The rebels, fueled by an­ger over the re­cently au­thor­ized North Amer­ic­an Free Trade Agree­ment, stormed the towns at mid­night in what was de­scribed as “as a jovi­al spec­tacle.”

Mex­ico, in turn, re­spon­ded tra­di­tion­ally — with 15,000 sol­diers. They drove the Za­patis­tas back in­to the jungles, killing about 150 of them. But here’s where the story breaks from tra­di­tion. When the re­volu­tion­ar­ies moun­ted a comeback, it wasn’t back on the streets of Mex­ico, it was on the Web, for­go­ing weapons or vi­ol­ence for mes­sage pro­lif­er­a­tion and “hackt­iv­ism.” By today’s stand­ards, they or­gan­ized simple things: They used list­servs to get their mes­sages out and staged In­ter­net “sit-ins” by flood­ing serv­ers. But they got big at­ten­tion. They marked the be­gin­ning of the age of In­ter­net act­iv­ists.

It was the first “net­war” — as a 1998 Rand re­port de­scribed it — a mil­it­ant-yet peace­ful brand of so­cial act­iv­ism that lives in shifty tangles on the In­ter­net, which can be just as vis­ible as 1,000 re­volu­tion­ar­ies on the ground. “It is in­spir­ing rad­ic­al act­iv­ists around the world to be­gin think­ing that old mod­els of struggle — ones that call for build­ing ‘parties’ and ‘fronts’ … to ‘crush the state’ and ‘seize power’ — are not the way to go in the in­form­a­tion age,” the au­thors of that re­port wrote.

Led by Sub-Comand­ante Mar­cos (fore­ground), about 3,000 mem­bers of the Za­patista Army for Na­tion­al Lib­er­a­tion fire their weapons in­to the air in the south­ern Mex­ic­an state of Chiapas on Oct. 15, 1994. (AP Photo/Marco Ugarte)

But in the 15 years since that pa­per was pub­lished, In­ter­net act­iv­ism ob­vi­ously hasn’t re­placed phys­ic­al re­bel­lion. It just hap­pens along­side of it.

“When Geor­gia and Rus­sia had a mil­it­ary con­flict, hack­ers and hackt­iv­ists, they all ban­ded to­geth­er,” says John Bumgarner, the chief tech­no­logy of­ficer of the U.S. Cy­ber Con­sequences In­sti­tute, a non­profit. “And as that at­tack in­creased on the ground, the hack­ers in cy­ber­space in­creased their activ­ity and more people from oth­er coun­tries, Ukraine, and the United States, came to­geth­er.”

And that ac­cel­er­a­tion, he says, is likely to hap­pen in Syr­ia as the United States inches to­ward a strike.

Who are the SEA?

They hacked the Mar­ines. And The New York Times. And The Wash­ing­ton Post. And while they’ve been called un­soph­ist­ic­ated in their tac­tics, the mem­bers of the Syr­i­an Elec­tron­ic Army have been aw­fully dis­rupt­ive.

We don’t know much about these cy­ber­act­iv­ists, oth­er than that they strongly sup­port the As­sad re­gime, and de­face web­sites and re­dir­ect read­ers to their pro­pa­ganda. Ac­cord­ing to Adam Mey­ers, the vice pres­id­ent of in­tel­li­gence at Crowd­Strike, an In­ter­net se­cur­ity firm, there could be as few as a dozen people act­ively work­ing in the SEA. “At least some of the mem­bers that we are track­ing we have some good in­dic­a­tions they are op­er­at­ing out of Syr­ia,” he says, but it’s hard to know. Their ini­tial serv­er was hos­ted on the Syr­i­an Com­puter So­ci­ety, which Bashar al-As­sad was in charge of be­fore be­com­ing pres­id­ent of Syr­ia. It’s also un­known if there’s any con­nec­tion between the elec­tron­ic army and the ac­tu­al Syr­i­an forces.

A few of these hack­ers have been iden­ti­fied by In­ter­net pseud­onyms and have spoken to the me­dia, but then, it’s tough to con­firm if they are who they say they are. In Au­gust, Vice‘s Mother­board con­nec­ted an In­ter­net pa­per trail to identi­fy an SEA mem­ber named Hatem Deeb (he’s known around the In­ter­net as “ThePro.” This is his per­son­al site, where he de­clares he’s “proud to be a pro-As­sad hack­er.”) The SEA wrote to Mother­board say­ing Deeb was not one of “the names of SEA mem­bers lol,” which seemed to un­der­score a sense of am­a­teur­ism (also not­able is the SEA’s flu­id sense of Eng­lish and web­speak. They have a Pin­terest ac­count).

Deeb, or “ThePro,” or who­ever this per­son really is, pre­vi­ously told Vice about the ori­gins of the SEA:

… We’re all Syr­i­an youths who each have our spe­cial­ised com­puter skills, such as hack­ing and graph­ic design. Our mis­sion is to de­fend our proud and be­loved coun­try Syr­ia against a bloody me­dia war that has been waged against her. The con­trolled me­dia of cer­tain coun­tries con­tin­ues to pub­lish lies and fab­ric­ated news about Syr­ia.

Ac­cord­ing to Mey­ers, the SEA star­ted out two years ago op­er­at­ing more simply than it does now, at­tack­ing “tar­gets of op­por­tun­ity,” easy se­cur­ity flaws on web­sites. Then, start­ing this sum­mer, its mem­bers seemed to get a boost in cap­ab­il­it­ies. They star­ted go­ing after mes­saging sites such as tango.me, steal­ing e-mail mes­sages and con­tacts, among whom, it is pos­sible, in­clude Syr­i­an dis­sid­ents and rebels. Then, after the tango.me hack, the SEA went back to in­ter­fer­ing with me­dia out­lets. (The Guard­i­an has a com­pre­hens­ive timeline of their activ­it­ies.) In late Au­gust, the group took out The New York Times for the bet­ter part of a day. Mey­ers likened this move to watch­ing a golfer who had just learned a new swing from a pro. “And all of a sud­den you look like a dif­fer­ent shoot­er,” he says. He sus­pects they may have got­ten some out­side help.

Though sev­er­al head­lines last week pro­claimed that the SEA is now on the FBI’s “Most Wanted” list, an FBI spokes­per­son said that wasn’t true (the FBI does have a pub­lic most wanted list for cy­ber bad guys) and wouldn’t com­ment on wheth­er there was a fed­er­al in­vest­ig­a­tion in­to the group. The FBI did, however, re­lease an ad­vis­ory on them, but it was tame, in­struct­ing the agency to “main­tain heightened aware­ness of your net­work traffic and take ap­pro­pri­ate steps to main­tain your net­work se­cur­ity.”

How to Fight an Elec­tron­ic Army

The Syr­i­an Elec­tron­ic Army pos­ted this let­ter to the front of a Mar­ine Corps re­cruit­ment web­site, with pic­tures of sup­posed Mar­ines pledging not to in­ter­fere in Syr­ia. (Screen­shot Via Wall Street Journ­al)

Des­pite its abil­ity to hack big cor­por­a­tions and ma­jor news out­lets, the SEA’s tac­tics are re­garded by se­cur­ity ex­perts to be un­soph­ist­ic­ated. They say that be­cause the SEA largely uses a simple tac­tic called spearph­ish­ing — a gam­bit that baits people with au­then­t­ic-look­ing e-mails to give over their user names and pass­words. Here’s the ana­logy: You can have all the se­cur­ity in the world, but if you have the key to the gate, none of that mat­ters.

“It is go­ing to be very dif­fi­cult for us, the se­cur­ity com­munity, to ac­tu­ally pre­vent these at­tacks from oc­cur­ring,” Bumgarner says. “In most of these cases the SEA has ac­com­plished, the hu­man has been the weak ele­ment, and you can­not get a patch for stu­pid­ity.”

When SEA mem­bers hacked the AP’s Twit­ter ac­count, they pos­ted a tweet that read “Break­ing: Two Ex­plo­sions in the White House and Barack Obama is in­jured.” Al­most im­me­di­ately the Dow Jones in­dus­tri­al av­er­age dropped 150 points. “They didn’t have to do a stuxnet level at­tack to get that at­ten­tion,” Bumgarner says.

But yet, that’s more of a re­ac­tion to a protest than a group as­sembled on the street could dream of cre­at­ing. When the SEA took out The New York Times, re­dir­ect­ing some users to its own web­site, “that was equi­val­ent to they bombed The New York Times and took it out for the day,” Bumgarner says. But they did it without in­flict­ing any real dam­age or us­ing any­thing more sin­is­ter than a spam email. The les­son here may be for the me­dia: Per­haps their ac­counts should be kept un­der the same pro­tec­tions as, say, the front page of to­mor­row’s pa­per.

With a clev­er enough com­bin­a­tion of let­ters and num­bers, a pass­word can be more or less im­possible for a group with small com­put­ing power to hack. Ac­cord­ing to Pop­u­lar Mech­an­ics, a pass­word with let­ters, num­bers, and seem­ingly ran­domly placed sym­bols like “Aqu57ar$iu3s” would take a com­puter al­gorithm 17,400,000 years to crack. A sim­pler ver­sion, like “Aquar­i­us1” would take just 1.59 days. But then, all of that’s for naught if you give the pass­word away.

Both Bumgarner and Mey­ers agree that the SEA’s cap­ab­il­it­ies are lim­ited. It can’t, for in­stance, take out the United States’ elec­tric grid.

“There’s this de­gree of ‘Well, they might have been suc­cess­ful,’ but, I would not equate suc­cess with soph­ist­ic­a­tion,” Mey­ers says. They can, however, bite at the ankles of Amer­ic­an me­dia. “Which brings us to the next part of the story that I think is about to un­fold, which is if we start lob­bing cruise mis­siles in­to Dam­as­cus, I think we’re go­ing to be see­ing some oth­er in­ter­est­ing activ­ity com­ing out of that re­gion.”

What We're Following See More »
FOLLOWED CLOSED DOOR MEETING
Peña Nieto, Trump Trade Subtle Jabs in Statements
1 hours ago
THE DETAILS

Following their meeting, President Enrique Peña Nieto of Mexico and Republican nominee for president, Donald Trump, briefly addressed the media, with Peña Nieto subtly rebuking Trump's rhetoric. While he spoke respectfully about Trump, Peña Nieto did not back down, saying that free trade has proved effective and that illegal immigration into America from the south has decreased over the last ten years while the flow of people and drugs into Mexico has increased. Additionally, he stressed that Mexicans in America are "honest" and "deserve respect." Trump responded, calling some Mexicans "tremendous people" while saying others are "beyond reproach." Trump laid out five important issues, including the end of illegal immigration and the ability for either country to build a wall or border. However, Trump said he did not discuss who would pay for the wall.

LOWER COURT RULING STANDS
SCOTUS Won’t Restore NC Voter ID Law
1 hours ago
THE LATEST

A divided Supreme Court "refused Wednesday to reinstate North Carolina’s voter identification requirement and keep just 10 days of early in-person voting. The court rejected a request by Gov. Pat McCrory and other state officials to delay a lower court ruling that found the state law was tainted by racial discrimination."

Source:
SMOKIN’ AND SHOOTIN’
Court: 2nd Amendment Doesn’t Protect Pot Users’ Gun Rights
2 hours ago
THE DETAILS
CHICAGO DISTRICT
Woman Self-Immolates in Congressman’s Office
4 hours ago
THE DETAILS

"Police say a woman walked into U.S. Rep. Danny Davis' office on Chicago's West Side, drank out of a bottle of hand sanitizer, poured the sanitizer over herself and set herself on fire with a lighter." The Democrat wasn't in the office at the time.

Source:
ASKS CONGRESS FOR $1.1 BILLION MORE
White House Grants $53 Million for Opioids
6 hours ago
THE LATEST

"The Department of Health and Human Services on Wednesday awarded 44 states, four tribes and the District of Columbia a combined $53 million in grants to expand access to treatment for opioid use disorders and ultimately aimed at reducing the number of opioid-related deaths." But HHS Secretary Sylvia Burwell and drug czar Michael Botticelli both called on Congress to approve the $1.1 billion Obama has requested to fight the opioid crisis.

Source:
×