Hacked off: What happened when the Syrian Electronic Army attempted a cyber attack on The Independent?
Last week The Independent was victim of a cyber-attack by the Syrian Electronic Army. Luckily, our defence was strong. But what did they want from us anyway?
Tim Walker is The Independent’s Los Angeles correspondent, covering entertainment and other concerns from the West Coast of the US. He was previously a features writer and the editor of the paper’s diary column. His first novel, Completion, is being published in January 2014.
Friday 11 October 2013
Ever since the beginning of the long and bloody Syrian civil war, the weight of international opinion has tipped in favour of the moderate rebel forces. Yet the country’s embattled President, Bashar al-Assad, has nonetheless enjoyed several propaganda coups, thanks in large part to the counter-revolutionary hacktivist group known as the Syrian Electronic Army (SEA), which has made a habit of inflicting humiliating cyber defeats on his ideological rivals in the Western media. Last week, it was our turn.
A suspected SEA attempt to hack the accounts of journalists at The Independent in May proved unsuccessful, yet this newspaper was targeted again late last Friday when senior staff became aware of a so-called “spear-phishing” operation, attempting to harvest user information and so gain access to the newspaper’s website and/or its social networking accounts. It is thought the group intended to use the platform to publish pro-Assad propaganda.
Phishing is a crude technique whereby hackers pose as a trustworthy entity to obtain personal information, such as passwords or credit card details. Spear-phishing, marginally more sophisticated, is aimed at specific individuals or companies – newspapers, banks, universities – and uses information gleaned from the public domain against them. The attack typically begins with an email, apparently from someone within the company – and often someone in a position of authority.
In the case of The Independent, the hackers managed to resurrect the defunct email address of a former senior editorial figure, and used it to fire off emails to some 50 staff members, each containing a link to an apparently harmless and familiar site, such as the BBC, MSN or Unicef. The link, when clicked, invited them to give their log-in details. Once they had those, the hackers would likely have sent another set of emails from their victims’ accounts, working their way along the chain until they found somebody with access to the newspaper’s online presence: its website, its Twitter accounts, or its Facebook page. By the time the IT security team was alerted to the hack, a handful had already offered their details. Their accounts were quarantined and their passwords changed, and on Friday night an email was sent to all staff warning them to be vigilant. Luckily, it was repelled before it could go any further.
The origins and identities of the SEA remain disputed. Many believe it is a self-organising outfit similar to the hacking group Anonymous. In an email interview with The Independent in May, hacker Th3Pro, the head of the SEA’s Special Operations division, said the group began as a Facebook page.
“Within a few days more than 60,000 Syrians joined,” he wrote. “Facebook shut it down, and then a website for the group was launched in addition to accounts on all social media sites. Many people joined us, hundreds, thousands.”
Though they support the Assad government, the young Syrians involved are not under its command, he claimed. “Our mission was to defend our country against the media campaign, first in the Arab media, and lately the Western media. We don’t take money for our work, it’s our duty to defend our country.” Contacted again this week, Th3Pro denied involvement in the attack.
In 2011, President Assad himself praised the SEA, describing the group as a “virtual army in cyberspace”, and experts dispute the SEA’s claims to be independent of Assad’s regime. James Lewis, a cyber-security expert at the Centre for Strategic and International Studies in Washington DC, said: “It would be possible for amateur beginners to do everything the SEA has done.... Ask yourself: are there any anti-Assad groups in Syria who have been able to carry out this kind of thing? If the answer is no, it means the government is either consenting to or directing SEA activity.”
Some have speculated that the intensity of the SEA’s attacks on US media outlets is linked to President Obama’s pronouncements on Syria. Analysis by the web intelligence firm Recorded Future suggests a “remarkable correlation” between Obama’s statements on Syria and the SEA’s activities. In August, for instance, as the President publicly weighed military action against the Assad regime following an alleged chemical attack in Damascus, the SEA launched a hack of the New York Times, Huffington Post and Twitter.
The attacks are rudimentary compared to some other spear-phishing hacks, says Graham Cluley, a British computer security expert. “There have been targeted spear-phishing attacks against defence organisations such as Lockheed Martin or the Pentagon,” Cluley says. “We also see a lot of state-sponsored attacks. For instance, the Tibetan government in exile and other Chinese dissidents are regularly sent emails containing booby-trapped documents, which infect their computer and install malware to allow the hackers access to steal information. And it’s not just China, by any means – everybody’s at it.”
- 2 Disney heiress Abigail disowns her share of family profits in West Bank company
- 3 The secret report that helps Israel hide facts
- 4 Israel's propaganda machine is finally starting to misfire
- 5 'Hello mum, this is going to be hard for you to read ...'
Sally Farmiloe dead: Howards' Way actress, and former mistress of Jeffrey Archer, dies aged 60
Russell Brand accuses FOX News anchor Sean Hannity of terrorism after aggressive Israel-Gaza debate
Pope Francis issues top 10 tips for happiness – including don’t try to convert other people
Sabina Altynbekova, the girl branded 'too good looking' for volleyball, says social media obsession with her is a 'bit much'
Justin Bieber posts Instagram photo of Orlando Bloom crying after Ibiza fight 'over Miranda Kerr'
The secret report that helps Israel hide facts
Land for gas: Merkel and Putin discussed secret deal could end Ukraine crisis
Woman and two children killed by mob in riots over 'blasphemous' Facebook post in Pakistan
A day in the life of Vladimir Putin: The dictator in his labyrinth
Putin is 'thuggish, dishonest and reckless', says British ambassador to US
Richard Dawkins tweets: 'Date rape is bad, stranger rape is worse'
- < Previous
- Next >
£35000 - £40000 per annum + competitive: Progressive Recruitment: .Mid Level V...
£40000 - £45000 per annum + Competitive Benefits: Progressive Recruitment: Dig...
£40000 - £50000 per annum + Car, Medical, Fuel + More!: Progressive Recruitmen...
£50000 - £60000 per annum + benefits: Progressive Recruitment: An absolutely o...