Al Jazeera Investigates Syrian Electronic Army
- Syrian activist tells of being tortured for his Facebook details
- Opposition’s battle plans hacked over Skype
- SEA has technology to monitor 8000 IP addresses per day
- SEA is able to access activists’ computers via remote control, steal their passwords, and spy on them through their computer cameras
Last week, the US Army’s website was taken offline after being hacked by The Syrian Electronic Army (SEA), who posted a message telling visitors, “Your commanders admit they are training the people they have sent you to die fighting.”
Last night on Al Jazeera, People & Power screened Syria’s Electronic Armies, an investigation into the cyber troops loyal to Syrian president Bashar al-Assad.
The story of how Syrian activists used social media and the internet as tools of liberation to organise protests against President Assad has frequently been told.
Similarly, it’s common knowledge that the hacking collective Anonymous defaced Syrian government websites like the Ministry of Defense, and that Syrian activists hacked into President Assad’s personal email to reveal intimate and embarrassing secrets that made headlines around the world.
Far less is known about what happened next. As Al Jazeera’s Juliana Ruhfus explains, “The security agency realized the role that the internet was playing in mobilizing people and started using it against the activists.”
Media activist Rami Jarrah says, in terms of cyber warfare, the Syrian government “weren’t advanced before the conflict, but just after the conflict began, the uprising began, we could see the difference. We could see how they advanced themselves and it was obvious that they were getting help.”
Jarrah tells Ruhfus of being tortured for three days and how his interrogators wanted to know his Facebook account and all the IP addresses that he’d accessed his account from.
A Syrian hacker tells Ruhfus of being approached to join SEA. In addition to offering generous salaries, he says the hackers are extremely well-equipped. For example, he was told they had the technology to monitor 8 000 IP addresses per second.
Laura Galante, a senior threat intelligence analyst with FireEye, tells Ruhfus SEA accessed 31 000 Skype conversations, some of which included the opposition’s advanced strategic battle planning.
Galante adds that pro-Assad hackers are posing as beautiful women to target opposition fighters on Facebook and matchmaking sites.
Ruhfus also interviews Jean Pierre Leseur, a French programmer whocoded one of SEA’s most powerful weapons while still in his teens. He explains how – to his dismay – the SEA is exploiting his open-source Dark Comet software to access activists’ computers via remote control, steal their passwords, and spy on them through their computer cameras.
Ruhfus started her investigation after French TV network TV5Monde had 12 TV channels taken off air by hackers in April, not to mention their website, apps and social networks.
The attack, which displayed messages from a ‘Cyber Caliphate,’ was initially blamed on ISIL-linked groups, but analysts now say the attack came from a Russian hacking group, APT28, pretending to be ISIL.
TV5Monde director Yves Bigot says, “We are the example for the general public to understand that there’s a new war that’s going on now that is a cyber war, which means your territory is not attacked by soldiers or tanks but there’s a war in cyberspace going on.”
“As the Syrian revolution descended into a brutal war, the rest of the world watched on from a position of safety. But cyber war respects no borders,” says Ruhfus. “The Syrian conflict is a likely blueprint for the way future wars will be played out …”