The New York Times website and Twitter.com came under heavy cyberattack on Tuesday afternoon at the keystrokes of a hacker group called the Syrian Electronic Army, which claimed responsibility for the attack. Also known as SEA, the group has waged repeated attacks against Web properties of Western media organizations over the past year.
SEA’s attack on NYTimes.com and Twitter comes amidst the sound of war drums, as the U.S. and its allies prepare a possible attack on the Syrian military assets over confirmed reports from the United Nations and U.S. Secretary of State John Kerry that Syrian President Bashar al-Assad used chemical weapons on Syrian people. It is the latest and most severe in a string of tragedies resulting from an intense civil war in the country.
So what exactly is the Syrian Electronic Army? Here’s a brief explainer to get you up to speed with the international conflict that is increasingly taking place on the Web.
What is SEA’s mission?
The group supports Assad, and states that its mission is to use the Internet, social media, and cyberattacks to combat those it believes “spread hatred” and “destabilize the security” of Syria.
Why did SEA attack The New York Times?
To send an “anti-war message.”
The @nytimes attack was going to deliver an anti-war message but our server couldn’t last for 3 minutes #SEA
— SyrianElectronicArmy (@Official_SEA16) August 28, 2013
Is SEA sponsored by Syria’s government?
Officially, no. But the group does support Assad and Syria’s government. And there are signs that SEA and Assad are in cahoots.
When SEA first published its website in May of 2011, the group claimed to be an independent collection of pro-Syria hackers, not connected to the government. According to University of Vienna cultural studies professor Rüdiger Lohlker (PDF), the group updated its “about” page later that month, removing its description as an independent group, but the descriptions remain in the footnotes. (The website itself is currently offline, but you can see a cached copy of it here. The group also just launched a new Facebook page – but it will probably get taken down sometime soon, like its 220 previous pages.)
According to a hacker who calls himself “Th3Pr0,” and is (or at least was) part of SEA, the group is a collective of “Syrian youths” with hacking skills that seeks to fight back against anti-Syrian media.
“The SEA started at the beginning of the Syria crisis [in 2011]. Young Syrians came together to defend their country against a bloody propaganda campaign by media organizations such as Al Jazeera, BBC and France24,” Th3Pr0 told Vice UK. “We’re all Syrian youths who each have our specialized computer skills, such as hacking and graphic design. Our mission is to defend our proud and beloved country Syria against a bloody media war that has been waged against her. The controlled media of certain countries continues to publish lies and fabricated news about Syria.”
Aside from Th3Pr0, SEA consists of at least three other hackers, who go by the names “Shadow,” “Ch3ckM4te,” and “SEAHawk,” according to a conversation former Reuters social media editor Matthew Keys (who is, incidentally, currently facing federal charges for allegedly telling Anonymous members how to access restricted portions of the Los Angeles Times website).
Despite claims of independence, there is evidence that SEA is supported by Assad’s government – even if it is in an “unofficial” capacity. Lohlker notes that SEA was “inspired by” a group known as the Syrian Computer Society, or SCS, which was founded by President Assad’s brother, Bassel al-Assad, in 1989. SCS was later run by Syria’s current president.
SCS operates as a domain name registrar (think GoDaddy), and reportedly has close ties with Syria’s government – as you might imagine. According to researcher Helmi Noman, SEA’s website was originally registered by SCS.
Earlier this year, Network Solutions LLC, and its parent company Web.com, seized more than 700 domains operated by SCS. This reportedly came under orders of the U.S. Office of Foreign Assets Control (OFAC), an office of the U.S. Treasury Department that oversees trade sanctions.
Is SEA in any way part of Anonymous?
No – at least, that seems unlikely. In fact, the two hacker collectives have long been in opposition of one another. In at least one occasion, however, the two groups apparently worked against a common enemy.
In August 2011, Anonymous declared cyber war against Assad’s government for its objectively brutal treatment of Syrian citizens. The hacktivist collected attacked the website of the Syrian Ministry of Defense later that month. SEA struck back by disabling AnonPlus, the social network Anonymous launched after it was booted off of Google Plus. AnonPlus remains in development.
The groups traded barbs in 2012. But in June of this year, both SEA and Anonymous waged attacks against the government of Turkey in support of protesters in that country.
It’s important to remember, however, that the identities of “members” of both Anonymous and SEA are largely unknown by the public at large, and it is currently impossible to say who, exactly, is behind a specific attack.
What other organizations have SEA attacked?
Other SEA targets include The Atlantic, a link distribution company called Outbrain (used by countless websites, including Digital Trends), The Financial Times, the Associated Press, National Public Radio, BBC News, The Daily Telegraph, Agence France-Presse, 60 Minutes, CBS News, Human Rights Watch, and Al Jazeera. Notably, SEA hacked the Twitter account of the AP and posted a false report of an attack on the White House – a move that caused a 140-point dip in the Dow Jones Industrial Average. Other Twitter account hacks targeted ITV News London, E! Online, FIFA, BBC Weather, and – of all things – The Onion.
SEA also spammed the Facebook pages of President Obama, former French President Nicolas Sarkozy, and Oprah Winfrey, with messages in support of Assad. The group attempted an attack on CNN.com, and also targeted VoIP apps like Viber and Tango, as well as a number of television broadcasters in the Middle East.
What happens next?
That’s anyone’s guess. But considering the U.S. and other countries appear on the verge of bombing Syria, we can likely expect a lot more activity from the SEA. In a tweeted photo depicting President Obama covered in blood, the group promised to “await you near U.S. embassy or central government building (like White House, or City Hall, in case you’re in USA), along the day” – whatever that means. However, as the Washington Post’s Caitlin Dewy notes, SEA hacks “are good for publicity … but they don’t have much staying power.”
Correction: A previous version of this article incorrectly asserted that Matthew Keys told Anonymous members how to access restricted portions of the Los Angeles Times. The copy has been corrected to show that his involvement with Anonymous members in this matter is an allegation, not proven fact.