News

Syria could strike back in cyberspace

Syria could strike back in cyberspace

A magnifying glass is held in front of a computer screen in this picture illustration taken in Berlin May 21, 2013. Photo: Reuters/Pawel Kopczynski

By Joseph Menn

SAN FRANCISCO (Reuters) – If the United States attacks Syria, it will be the first time it strikes a country that is capable of waging retaliatory cyberspace attacks on American targets.

The risk is heightened by Syria’s alliance with Iran, which has built up its cyber capability in the past three years, and already gives the country technical and other support. If Iran stood with Syria in any fray with the United States that would significantly increase the cyber threat, security experts said.

Organized cyber attacks have already been carried out by the Syrian Electronic Army (SEA), a hacking group loyal to the government of President Bashar al-Assad. It has disrupted the websites of U.S. media and Internet companies and is now threatening to step up such hacking if Washington bombs Damascus.

“It’s likely that the Syrian Electronic Army does something in response, perhaps with some assistance from Iranian-related groups,” said former White House cybersecurity and counter terror adviser Richard Clarke.

Little is known about the hackers behind the Syrian Electronic Army, and there is no evidence that the group is capable of destructive attacks on critical infrastructure.

However, former U.S. National Security Agency director Michael Hayden told Reuters that the SEA “sounds like an Iranian proxy,” and it could have much greater ability than it has displayed.

Thus far, the SEA’s most disruptive act was in April when it broke into the Twitter account of the Associated Press and sent fictional tweets about explosions at the White House. The false messages sent the stock market into a downward spiral that, for a short time, erased more than $100 billion in value.

In an email to Reuters on Wednesday, the SEA said if the U.S. military moves against Syria “our targets will be different.”

“Everything will be possible if the U.S. begins hostile military actions against Syria,” the group said in the note.

President Barack Obama vowed on Wednesday that the Syrian government would face “international consequences” for last week’s deadly chemical attack in Syria, but he made clear that any military action would be limited.

Asked about the threat of cyber retaliation, U.S. Department of Homeland Security spokesman Peter Boogaard said the government “is closely following the situation and actively collaborates and shares information with public and private sector partners every day.”

A U.S. Department of Defense spokesman said he could not discuss specific threats, while another source at the Pentagon said no unusual activity had been detected by late on Wednesday.

IRAN SHARPENS ITS GAME

Cyber experts have said that Iran increased its cyber capabilities after the United States used the Stuxnet virus to attack Tehran’s nuclear program.

U.S. intelligence officials have blamed hackers sponsored by Iran for a series of so-called distributed-denial-of-service attacks against many U.S. banking sites. In DDoS attacks, thousands of computers try to contact a target website at the same time, overwhelming it and rendering it inaccessible.

In three waves of attacks since last September, consumers have reported inability to conduct online transactions at more than a dozen banks, including Wells Fargo & Co, Citigroup Inc, JPMorgan Chase & Co and Bank of America Corp. Banks have spent millions of dollars to fend off the hackers and restore service.

Researchers have said that Iran has also infiltrated Western oil companies, and it could try to destroy data, though that would increase the risk of retaliation by the United States.

Things in cyberspace would get more complicated if Russia, an ally of Iran and Syria, were to step in. Former Obama administration officials have said that Russia, which has supplied arms to Syria, has cyber capabilities nearly as powerful as the United States.

Even if the Russian government did not act directly, the country’s private hackers rank with those in China in their ability and willingness to conduct “patriotic” attacks. Cyber experts have said that Russian hackers have struck at government and other sites in Estonia and Georgia.

The Syrian Electronic Army’s servers are based in Russia, and that alliance could strengthen if matters in Syria became more dramatic, said Paul Ferguson of the Internet security company IID.

“We already have a bad geopolitical situation,” Ferguson said. “This could play into the entire narrative I don’t want to see happen.”

It is unclear how much cyber damage Syria could or would want to inflict, said Dmitri Alperovitch, chief technology officer of security firm CrowdStrike.

“We haven’t seen significant intrusion capabilities from them or destructive capabilities,” he said.

Earlier this week, as the Obama administration pushed for more support for strikes on Syria, the New York Times, Twitter and the Huffington Post lost control of some of their websites. The SEA claimed responsibility for the attacks.

Security experts said electronic records showed that NYTimes.com, the only site with an hours-long outage, redirected visitors to a server controlled by the Syrian group.

The SEA had planned to post anti-war messages on the Times site but was overwhelmed by the traffic it received and its server crashed, the SEA said by email. Late on Wednesday, some users still could not access NYTimes.com.

The SEA managed to gain control of the New York Times web address by penetrating MelbourneIT, an Australian Internet service provider that sells and manages domain names.

It could have done much worse with such access, experts said, underscoring the vulnerability of major companies that use outside providers.

“Chief information officers need to realize that critical pieces of their online entities are controlled by vendors and that security policies should apply to them as well,” said Amichai Shulman, chief technology officer at security firm Imperva.

What's On 'KLH?

Favorite Fish Fry

FavoriteFishFry_int_wp

Tell us your Favorite Fish Fry to win a $300 ticket package! Brought to you by Zounds Hearing Center.

Hire Me MKE

HireMeMKE_620x400

Looking for a job around the Milwaukee area? Check out some openings>>

Wanna Play DJ?

HEYMOM

You can host your own show Sunday night at 6 on ‘KLH!

Recent Headlines

in National

Amanda Knox murder conviction overturned

Fresh
FILE - In this Jan. 31, 2014, file photo, Amanda Knox prepares to leave the set following a television interview in New York. Knox is engaged to Colin Sutherland, a musician who recently moved to Seattle from New York, a person close to the Knox family confirmed for The Associated Press. Knox’s murder conviction in the 2007 stabbing of her roommate has been reinstated by an Italian court, but the former college exchange student maintains her innocence and vows she won’t willingly go back to Italy. Both Knox and Sutherland are 27. No wedding date had been set.

Italy's highest court has overturned the murder conviction against Amanda Knox, bringing to a definitive end the high-profile case.

in National

Time for Iran to make tough decisions in nuclear talks

In this March 26, 2015, photo, Iranian Foreign Minister Mohammad Javad Zarif, center, leaves a meeting with U.S. Secretary of State John Kerry and other U.S. officials at a hotel in Lausanne, Switzerland. U.S. and Iranian diplomats gather at a Baroque palace in Europe, a historic nuclear agreement within reach. Over Iraq’s deserts, their militaries fight a common foe. Leaders in Washington and Tehran, capitals once a million miles from each other in ideological terms, wrestle for the first time in decades with the notion of a rapprochement.

Six world powers and Iran move closer to a deal, but there are still major disagreements.

in Sports

This week’s top sports shots

Updated
AP564917773040_12

A look at some of the biggest plays and best photos in sports this week.