REPORTER'S NOTEBOOK
Features

Syria’s war moves to electronic battlefield

Hackers linked to Assad’s government responsible for several cyber-attacks in recent weeks, UK-based firms says.

By Laurence Lee
Published On 5 Sep 2013

The Syrian government’s forces look like they’ve been getting the upper hand in the country’s civil war, and the cyber war being fought out electronically has just taken a big step in a new direction as well.

A few weeks ago – in fact inside the space of just eight days – the Syrian Electronic Army (SEA), an invisible group of internet hackers linked to the government of Bashar al-Assad, did something which bears comparison to the allegations put forward by Edward Snowden, the American whistleblower, recently.

The following is a quote from a blog written by a company in London called Fire Eye, which discovered what the SEA had been up to and who are featured in the video below:

 

  • July 16: SEA hacked the Swedish site Truecaller, home to the world’s largest online telephone directory, with over a billion phone numbers in over 100 countries. SEA claimed this attack also gave it access codes to more than a million Facebook, Twitter, LinkedIn, and Gmail accounts. The initial attack vector was an older, vulnerable version of WordPress.
  • July 21: SEA hacked the video and text messaging service Tango, stealing more than 1.5 TB of data, including user information, true names, phone numbers, emails, and personal contacts for millions of accounts. Again, the attack vector was a vulnerable version of WordPress CMS (v 3.2.1), which gave SEA unauthorised access to the database server.
  • July 24: SEA hacked Viber, a free online calling and messaging application used by more than 200 million users in 193 countries. Viber acknowledged the attack, explaining that the initial compromise vector was an email phishing scam which enabled SEA to access two customer support sites. Thus far, the company has denied that private user information was lost.

Now I don’t know about you, but the idea that more than a billion people in nearly two hundred countries might have had their personal details stolen by an extra-judicial group loosely affiliated to the Assad government seems to me to be quite important, particularly given that the US administration got such a kicking recently for the Edward Snowden revelations regarding its PRISM online surveillance programme.

 And of course the big question is this – what on earth did the SEA do it for?

Al Jazeera, along with the BBC, the Guardian, Reuters, AP and many other news media organisations, were successfully hacked by the SEA on the assertion that the media gives the Assad government an unfairly hard time. And whatever you think of them, you can’t help but admire the chutzpah of people who hack the AP Twitter site to claim the White House has been attacked.

But stealing the phone numbers of people all over the world who have nothing at all to do with Syria is a different kettle of fish entirely.

 So here are a few theories:

  1. They’re looking for anti-Assad people and are trawling through millions of peoples’ details to find critics of the Syrian government.
  2. It’s a show of force, mirroring the successes of the real war.
  3. They’ll try to bring down half the internet by infecting social media sites.
  4. They’ll sell everyone’s personal details to the Russian mafia.

You might well have a theory of your own which is just as good as any of those, and the truth is that nobody seems to know, at least where I’m writing from. But the people who discovered this have certainly passed on their findings to “law enforcement agencies” (make of that what you will), so I assume people in Whitehall and Washington are probably trying to figure it out as well.

 So – here’s something to mull over as you eat your breakfast. Your personal details are capable of being looked at now not just by the US authorities but perhaps the Syrian government as well. 

Deep breaths.