The Syrian Electronic Army: Lessons to be learned
Davey Winder probes just who is doing just what and why, and asks what enterprises can learn from it.
Digging into who is behind the Syrian Electronic Army (SEA) has proved to be harder than expected. Usually these kind of politically motivated groups leave a fairly obvious trail, unless they are of the state-sponsored variety, so could it be that the SEA is a semi-official wing of the Syrian government itself?
That suggestion would appear to hold some weight, not least that an investigation a couple of months ago by respected IT security journalist Brian Krebs points to the SEA having many sites hosted at addresses belonging to the Syrian Computer Society (SCS) until a sanctions-based seizure of web domains by Network Solutions earlier this year closed them down.
It's worth reading the Krebs investigation, as it provides some fascinating background into how the host domains moved to Russia and were subsequently hacked and documents revealing some of the people behind the SEA obtained as a result. They themselves have claimed to be a "group of enthusiastic Syrian youths" who refused to remain silent in the face of "the massive distortion of facts about the recent uprising in Syria" on one hand.
On the other hand, there's that SCS link to al-Assad and the fact that the SEA makes no bones about being loyal to the Syrian President. But whether you believe that the SEA is a state-sponsored hacktivist cell or just a bunch of script kiddie disrupters is actually by the by. What matters to me, and I would suggest should matter to you, is the fact that some very high-profile media sites with suitably high-flying security budgets and an awareness that they are very attractive targets for hackers of all descriptions should have found themselves victims of the SEA at all.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Davey is a three-decade veteran technology journalist specialising in cybersecurity and privacy matters and has been a Contributing Editor at PC Pro magazine since the first issue was published in 1994. He's also a Senior Contributor at Forbes, and co-founder of the Forbes Straight Talking Cyber video project that won the ‘Most Educational Content’ category at the 2021 European Cybersecurity Blogger Awards.
Davey has also picked up many other awards over the years, including the Security Serious ‘Cyber Writer of the Year’ title in 2020. As well as being the only three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) Davey was also named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro Magazine called ‘Threats to the Internet.’ In 2011 he was honoured with the Enigma Award for a lifetime contribution to IT security journalism which, thankfully, didn’t end his ongoing contributions - or his life for that matter.
You can follow Davey on Twitter @happygeek, or email him at davey@happygeek.com.