The group of pro-Assad hackers calling itself the Syrian Electronic Army hacked The Guardian news outlet over the weekend, marking the latest in a string of cyberattacks from the same organization. The incident emphasizes the potential threat such attacks could pose if executed for goals far more malicious than intimidation or mere gain of public attention. And news outlets are among the most useful targets to such groups.
The attack on The Guardian was in apparent retaliation for the outlet’s coverage on the conflict in Syria. Last year, The Guardian also published a cache of emails between Syrian president Bashar al-Assad and his inner circle, in articles that were, not surprisingly, not very flattering of Assad.
On April 15th, the same organization hacked NPR and several of its Twitter accounts, also over the outlet’s coverage of Syria. Only days later, the Syrian Electronic Army hacked several of CBS’ Twitter accounts and sent out pro-Syrian propaganda, including false claims that the CIA is arming Al-Qaeda terrorists in Syria.
The same week, the group also compromised Twitter accounts of the Associated Press to tweet out a false message, causing the Dow to temporarily plummet.
The false tweet said there had been two explosions at the White House and that President Barack Obama was injured. The attack on AP’s Twitter account and the AP Mobile Twitter account was preceded by phishing attempts on AP’s corporate network. […]
The false tweet went out shortly after 1 p.m. and briefly sent the Dow Jones industrial average sharply lower. The Dow fell 143 points, from 14,697 to 14,554, after the fake Twitter posting, and then quickly recovered.
And in March, several of BBC’s Twitter accounts were also hacked by the same group. They tweeted out snarky messages such as, “Saudi weather station down due to head-on collision with camel.”
But these attacks from the Syrian Electronic Army aren’t limited to recent weeks.
In August of 2012, they broke into the blogging platform and Twitter account of Reuters news service. A series of tweets followed, touting “heavy losses” in the Free Syrian Army, one of the anti-Assad rebel groups in Syria, and other pro-Assad messages.
In April of 2012, they hacked the Al-Arabiya news network. During that incident, the hackers disseminated messages that “the Gulf Emirates Prime Minister and Foreign Minister had been relieved of his duties and replaced by the country’s heir-apparent,” followed by a message about “an explosion at a Qatari natural gas field which killed dozens of people.” The pace at which that news spread was dangerously quick. It caused many to fear a rift within the Qatari Royal Family – had the fake news not been refuted as quickly as it was, chaos could easily have followed.
Some suspect that the Syrian Electronic Army may actually be an army of one. Others suspect multiple hackers are involved. Either way, the threat is real.
I’ve covered the Syrian Electronic Army for over a year, as well as other hacker organizations, and have observed a significant uptick over time in the attacks by way of social media, notably on such useful targets as news outlets. Information warfare has become a legitimate danger in spreading propaganda in this day and age, especially in light of various conflicts around the world.
This weekend’s attack on yet another news agency only highlights the dangers we face in these days of information warfare. While hacking attacks certainly present problems and can compromise crucial systems, the hackers’ dissemination of disinformation and propaganda can be just as dangerous in the midst of such a hostile global conflict where information influences the decisions and acts of so many, including anyone from rebels on the ground to leaders of allied and opposing governments.
Twitter is fast becoming the weapon of choice in such cyberattacks. As we’ve seen, hackers succeeded in temporarily plunging the stock market with one false tweet from a reputable news outlet. Overseas in Qatar, they very well could have succeeded in creating chaos and panic. What lies on the horizon?
While the Syrian Electronic Army’s objectives thus far have been focused primarily on generating publicity, these incidents should serve as a warning of the damage that could be done by hackers with a more strategic and aggressive goal in mind.