The Syrian Electronic Army has returned, and they look less threatening than ever
|
Version 0 of 1. On Thursday morning, some visitors to a diverse array of news and entertainment Web sites, including The Guardian, CNBC, NHL.com and Forbes, were greeted with an unusual pop-up message. "You've been hacked by the Syrian Electronic Army(SEA)," the message read. For some readers, the return of SEA may seem like a blast from the past. For a period between 2011 to 2013, the group, which claimed to be a loose collective of hackers who supported Syrian President Bashar al-Assad, captivated the world with a series of high profile hacks. In particular, SEA targeted media organizations (including The Washington Post) that it perceived as hostile to the Syrian regime. A few of these hacks made a big impact: By hacking the Twitter account of the Associated Press, for instance, they were able to briefly convince much of the world that the White House had been bombed and send stocks tumbling. At other points, however, the hacks almost appeared to be a self parody: Their decision to target the Onion prompted ridicule and a brutal response from the satirical news site. They were also criticized for making crude, immature jokes in their hacked messages: 'Outting' Justin Beiber or saying jihadists smell, for example. "Haters gonna hate," one alleged member of the group wrote in response to their critics. Even so, the groups and their actions were fascinating. Some investigations suggested that they were somehow linked to the Assad government and may not be based in Syria. In April 2013, I interviewed one of the suspected hackers, who went by the name of Th3 Pr0 and claimed to be an 18-year-old Syrian. He claimed patriotism was SEA's only motive. "Sure not," he responded when I asked if he was paid for his work. "We don't need money for our work, Syria is our homeland and our duty to defend it." In 2014, however, the situation SEA finds itself in has changed. Arguably the last high profile hack by the group was probably that of Forbes in February, though the group has sporadically performed other attacks since then. "The SEA didn't stop," a representative of the group argued on Thursday in an e-mail. "There were other (unannounced) attacks." Perhaps true, but it's hard to see the impact. Part of this is simply the declining shock value of low-level hacks like this. But perhaps a bigger problem for SEA is that they were soon eclipsed by a far bigger, scarier threat. At the very start of 2014, a group calling themselves the Islamic State of Iraq and Syria captured the Iraqi city of Fallujah. The extremist Salafists who led the group soon overshadowed every other group in the Middle East. The Islamic State, as they were later renamed, soon became notorious for horrific violence -- they were even dubbed "too extreme" for al Qaeda -- and took over huge areas of Syria and Iraq. They captured the imagination of a worrying number of foreigners, who fled home to go fight with them. By fall, following the murder of a number of American journalists, the Islamic State was able to do what Assad's regime had avoided: Drag the United States and its allies into the Syrian war. The West now walks a fine line between striking the Islamic State, which wishes to topple the Syrian government and set up a Sunni caliphate, and aiding Assad. In some quarters, there has even been debate about working with the Syrian regime to destroy the Islamic State. In this new reality, the idea that hacked Web sites are anything to be scared of certainly looks quaint. And even in the world of online attacks, SEA's tactics, often involving phishing or the targeting of third parties, begin to look a little silly when put next to the huge scale of the attacks said to be coming from China. SEA says that they were able to pull off Thursday's hack by exploiting the DNS settings of Gigya, a popular comment platform. According to the Independent (itself a victim of the attack), there are no signs that data was compromised or that any users were put at risk. "It is PR move to show they have the skills, but what they are doing is not dramatically sophisticated," Ernest Hilbert, managing director of cybercrime at investigations firm Kroll told CNBC. When asked how they justified the attack, SEA pointed to Western media reports of a recent Syrian government airstrike on the city of Raqqah, now a stronghold for the Islamic State, which activists say killed almost 100 people. "Some British and American media news sites published that the Syrian air strikes hit only citizens in Raqqa," an SEA spokesman said in an e-mail. "While the truth is the strikes hit [Islamic State] terrorists." It appears to have been timed to coincide with Thanksgiving for maximum impact. However, for all of SEA's bluster, it's hard to see Thursday's attack as much of a punishment, nor as much of a threat. Instead, the return of SEA serves as a grim reminder of how simple the Syrian conflict used to seem -- and how complicated it's become. |