Menu Close

The Syrian Electronic Army is rewriting the rules of war

Warfare 2.0 doesn’t require much more than a laptop. DFectuoso

In Dragon Day – a provocative new movie on release in the US in November – we see the consequences of a “cyber 9/11”. China has attacked the critical infrastructure of the US in a large-scale cyber-attack. The film illustrates one of the dominant fears about cyber-security and cyber-war: a superpower attacking the networked infrastructure that supports all aspects of life in the 21st century.

Some argue that this fictional scenario is unlikely to ever play out in real life because a cyber-war on such a scale would ultimately be too self-destructive in an inter-connected world. Others believe such a cyber-conflict wouldn’t take place because it couldn’t: fears about the fragility and vulnerability of our networked society are overstated – useful scenarios for Hollywood films but not something we should worry about.

But even if complete societal meltdown is not on the horizon, the attacks coming out of Syria over the past few months are redefining the rules of the game. Until now, the use of cyber-expertise to attack others has been the preserve of rich nations - the technological innovators. Take Stuxnet, the most famous incident of this kind. While the perpetrators of the 2010 attack on Iranian nuclear facility have never been confirmed, it is widely believed that the US government was to blame.

Cyber-crime emanates from “shadow economies” all the time, but we see it as just another nuisance of life in the digital age, a “disease of affluence” that can be controlled through greater precaution and awareness.

The conflict in Syria has created uncomfortable political and strategic problems for Barack Obama and David Cameron but it has traversed geopolitical distance in other ways too. “Local” conflicts have long had a “global” dimension through the use of strategies like hijacking planes or kidnapping citizens and while this conflict exhibits all the attributes of the most brutal civil wars of the twentieth century, it has become “global” through the use of digital strategies. The role played by the Syrian Electronic Army (SEA) challenges our common conception of cyber-security and cyber-war as the terrain of the most “advanced” and “developed”.

The SEA developed spontaneously as a group of Facebook users in 2011, during the early days of the Arab uprisings. Its relationship to the Assad regime is much debated and the SEA denies it is state-sponsored. Either way, it certainly lacks the billions of dollars of investment that goes into cyber-superpower projects elsewhere. As the conflict has unfolded, the SEA has proven to be an active and effective presence in the conflict, using phishing techniques to crack social media accounts, redirect web addresses to its own page and deface other websites. The New York Times has been hit and this week also fell victim to the group.

A lot of the SEA’s work is nuisance. Defaced websites are usually corrected quickly, hijacked Twitter accounts don’t stay that way for long. While it is annoying for consumers and potentially costly for the companies and organisations targeted, these cyber-attacks are a far way removed from the “missiles” in the form of code that some have envisaged in the age of cyber-war.

But earlier this year those who saw the SEA as an irritation rather than a threat were silenced. The army made its presence felt in a big way by hijacking the Associated Press’ Twitter account and tweeting that President Obama had been injured in an explosion, days after the Boston marathon bombing. As a direct result, the Dow Jones dropped 143 points, temporarily draining $136.5 billion from the US economy.

The “flash crash” was not due to nervous traders but software which used a technique called algorithmic trading. This monitors news feeds and social media in order to trade automatically based on the real world events it sees. It worked perfectly in this case - except there were no explosions at the White House and President Obama was perfectly safe.

This was clearly a limited attack. Ten minutes later, with an apology from the Associated Press, the Dow Jones recovered. The financial wobble was likely to have been an unintended consequence from a typical social media “crack” rather than an actual attack itself. But there is no denying that the SEA proved that one tweet could impact complex financial systems. What this event proved is that poor cyber-security across multiple systems can coalesce into a much bigger problem. This cascade effect is a significant danger because it takes such basic technical know-how and the holes are nearly impossible to plug.

Some of the methods used by the SEA are simple. The attack on the Associated Press, for example, was more a case of social engineering than hacking. The real problem is imperfections in the cyber-security of these complex and interconnected systems. Twitter’s speedy expansion left serious flaws in its security and the Associated Press attack forced the company to accelerate the introduction of two-step verification for accounts. It also forced financial institutions to look at the effectiveness of their algorithmic trading systems, having seen how easily they could be spoofed.

This cascade effect is a genuine threat which is being exploited by diverse groups for strategic reasons (or just for the lulz) - and because it is so easy these attacks are becoming more frequent. The SEA is likely to become a blueprint for cyber “assets” who emerge in conflicts around the world from an increasingly technically proficient population.

This new element of conflict might not result in a “middle ranked” state like Syria launching an attack of the type depicted in Dragon Day but the acceleration of technological change and the rapid growth in know-how on all sides might be leading us towards a world in which “action at a distance” becomes more destructive than ever before.

This in turn could radically disrupt the “great chain of being” that orders the world we live in. William Gibson famously wrote: “The future is already here - it’s just not very evenly distributed.” What we see in the conflict in Syria is that the distribution of the “future” is changing the nature of conflict around the world in ways we need to pay attention to. The SEA has warned that more is to come, and it seems it is to be believed.

Want to write?

Write an article and join a growing community of more than 187,300 academics and researchers from 5,000 institutions.

Register now