Analysis: Syria, aided by Iran, could strike back at U.S. in cyberspace

SAN FRANCISCO Thu Aug 29, 2013 7:07am EDT

A magnifying glass is held in front of a computer screen in this picture illustration taken in Berlin May 21, 2013. REUTERS/Pawel Kopczynski

A magnifying glass is held in front of a computer screen in this picture illustration taken in Berlin May 21, 2013.

Credit: Reuters/Pawel Kopczynski

Related Topics

SAN FRANCISCO (Reuters) - If the United States attacks Syria, it will be the first time it strikes a country that is capable of waging retaliatory cyberspace attacks on American targets.

The risk is heightened by Syria's alliance with Iran, which has built up its cyber capability in the past three years, and already gives the country technical and other support. If Iran stood with Syria in any fray with the United States that would significantly increase the cyber threat, security experts said.

Organized cyber attacks have already been carried out by the Syrian Electronic Army (SEA), a hacking group loyal to the government of President Bashar al-Assad. It has disrupted the websites of U.S. media and Internet companies and is now threatening to step up such hacking if Washington bombs Damascus.

"It's likely that the Syrian Electronic Army does something in response, perhaps with some assistance from Iranian-related groups," said former White House cybersecurity and counter terror advisor Richard Clarke.

Little is known about the hackers behind the Syrian Electronic Army, and there is no evidence that the group is capable of destructive attacks on critical infrastructure.

However, former U.S. National Security Agency director Michael Hayden told Reuters that the SEA "sounds like an Iranian proxy," and it could have much greater ability than it has displayed.

Thus far, the SEA's most disruptive act was in April when it broke into the Twitter account of the Associated Press and sent fictional tweets about explosions at the White House. The false messages sent the stock market into a downward spiral that, for a short time, erased more than $100 billion in value.

In an email to Reuters on Wednesday, the SEA said if the U.S. military moves against Syria "our targets will be different."

"Everything will be possible if the U.S. begins hostile military actions against Syria," the group said in the note.

President Barack Obama vowed on Wednesday that the Syrian government would face "international consequences" for last week's deadly chemical attack in Syria, but he made clear that any military action would be limited.

Asked about the threat of cyber retaliation, U.S. Department of Homeland Security spokesman Peter Boogaard said the government "is closely following the situation and actively collaborates and shares information with public and private sector partners every day."

A U.S. Department of Defense spokesman said he could not discuss specific threats, while another source at the Pentagon said no unusual activity had been detected by late on Wednesday.

IRAN SHARPENS ITS GAME

Cyber experts have said that Iran increased its cyber capabilities after the United States used the Stuxnet virus to attack Tehran's nuclear program.

U.S. intelligence officials have blamed hackers sponsored by Iran for a series of so-called distributed-denial-of-service attacks against many U.S. banking sites. In DDoS attacks, thousands of computers try to contact a target website at the same time, overwhelming it and rendering it inaccessible.

In three waves of attacks since last September, consumers have reported inability to conduct online transactions at more than a dozen banks, including Wells Fargo & Co, Citigroup Inc, JPMorgan Chase & Co and Bank of America Corp. Banks have spent millions of dollars to fend off the hackers and restore service.

Researchers have said that Iran has also infiltrated Western oil companies, and it could try to destroy data, though that would increase the risk of retaliation by the United States.

Things in cyberspace would get more complicated if Russia, an ally of Iran and Syria, were to step in. Former Obama administration officials have said that Russia, which has supplied arms to Syria, has cyber capabilities nearly as powerful as the United States.

Even if the Russian government did not act directly, the country's private hackers rank with those in China in their ability and willingness to conduct "patriotic" attacks. Cyber experts have said that Russian hackers have struck at government and other sites in Estonia and Georgia.

The Syrian Electronic Army's servers are based in Russia, and that alliance could strengthen if matters in Syria became more dramatic, said Paul Ferguson of the Internet security company IID.

"We already have a bad geopolitical situation," Ferguson said. "This could play into the entire narrative I don't want to see happen."

It is unclear how much cyber damage Syria could or would want to inflict, said Dmitri Alperovitch, chief technology officer of security firm CrowdStrike.

"We haven't seen significant intrusion capabilities from them or destructive capabilities," he said.

Earlier this week, as the Obama administration pushed for more support for strikes on Syria, the New York Times, Twitter and the Huffington Post lost control of some of their websites. The SEA claimed responsibility for the attacks.

Security experts said electronic records showed that NYTimes.com, the only site with an hours-long outage, redirected visitors to a server controlled by the Syrian group.

The SEA had planned to post anti-war messages on the Times site but was overwhelmed by the traffic it received and its server crashed, the SEA said by email. Late on Wednesday, some users still could not access NYTimes.com.

The SEA managed to gain control of the New York Times web address by penetrating MelbourneIT, an Australian Internet service provider that sells and manages domain names.

It could have done much worse with such access, experts said, underscoring the vulnerability of major companies that use outside providers.

"Chief information officers need to realize that critical pieces of their online entities are controlled by vendors and that security policies should apply to them as well," said Amichai Shulman, chief technology officer at security firm Imperva.

(Reporting by Joseph Menn; Editing by Tiffany Wu, Toni Reinhold)

FILED UNDER:
We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Comments (9)
Reuters1945 wrote:
“Syria, aided by Iran, could strike back at U.S. in cyberspace”

Mr. Obama, egged on by his not overly intelligent so-called “advisors”, does not seem to understand that in his preachy, soap box style grandstanding, proclaiming that the US, et al, need to “teach people lessons”, he is actually playing with fire.

In this age of electronic warfare, there are an infinite number of means and ways, that people can do gargantuan amounts of damage to the USA and its various allies without possessing any sophisticated missiles.

The recent internet “crashes” that some major entities have suffered is only the tip of the proverbial iceberg regarding what it is actually possible to achieve by a small number of people with laptops.

The truth is that a Senior Ranking Member of the United Nations Team investigating the recent use of chemical weapons in Syria has just released some early assessments that it appears it was the Rebels themselves who released certain types of poison gas and NOT Assad’s forces.

But regardless of what the final conclusions are made by the full UN Team in Syria, Mr. Obama, for the sake of trying to appear “tough” and to save face after all his past hyperbolic “Red Line” yammering, could easily be setting America up for more problems and pain than anyone can at the present, begin to imagine.

The day Japan launched their surprise attack on Pearl Harbor, at least one high ranking Japanese General remarked: “We have woken a sleeping giant and we will come to regret what we have done”.

The shortsighted White House idea of firing missiles at Syrian targets, even if for just two days might just as well be seen as a front page Declaration of War. Syria and her own allies will be determined to answer and react to any attack on Syria’s soil.

One of the first Laws of the Universe is the concept that every Action leads to an equal and opposite Reaction.

To run that risk of escalating to ever higher and higher degrees the level of violence in Syria, is a prescription for future disaster.

Especially when by helping to topple the Regime of Assad the US will be bringing to power the very actors the US sacrificed the lives of almost 5,000 American soldiers and Three Trillion dollars to defeat or at least keep at bay.

It would appear that the present White House is so devoid of any intelligent long term strategy thinkers and planners that at this point in time we may as well “Bring in the Clowns”.

They would not and could not, possibly make more of a mess of things in the Middle East, than the present Administration has done.

It is a small ray of hope that the British people are starting to stand up, literally in the streets, and say- enough is enough- And more than enough.

Perhaps Americans will soon begin to throw open their millions of windows and begin, as they did in a famous Hollywood movie, to scream at the top of their lungs:

” I’m mad as Hell and I’m NOT going to take it anymore”.

Aug 29, 2013 2:25am EDT  --  Report as abuse
SKYDRIFTER wrote:
Obama’s proposed fine adventure could mark a totally new era in warfare. The worst damage via cyber warfare is “public fear.” Besides personal reactions, the effect on major economic operations could directly or indirectly put the USA on the brink of a 1929 style Depression – starting with the stock exchanges.

Just the known threat, from recent history, should have already stimulated a massive “firewall” system, of some sort – add the reasonably valid fears of the potential for far greater “cyber damage.”

It’s getting to the point that the ‘friendly’ hackers need to be drafted into a factual “National Security” effort to just design a firewall system.

In reality, if Assad fired the proper “cyber shot” across the bow of Obama’s big ship; a lot of different decisions would quickly be made.

If anyone has an existing firewall system, it would probably be Israel. Obama needs to make some inquiries.

The unmentioned fear is that a rogue country might have the capability to knock out satellites with LASER weaponry.

Conversely, it would be interesting to know the reality of the U.S. space-based weaponry – including “LASER cannons.” In theory, the space-based capability doesn’t exist; but it’s totally naive to believe in such ‘theories.’

So, is Obama going to make the “big decision?”

Aug 29, 2013 4:37pm EDT  --  Report as abuse
OneOfTheSheep wrote:
If U.S. Computer networks involved in operating day-to-day infrastructure such as satellite communication and orientation, water releases at dams during flooding, electrical grid energy flow, pipeline flow rates and directions, train signal scheduling, etc. are vulnerable to third-rate muslim countries we need to know that NOW and not when we’re eye to eye with a moth-eaten Russian Bear (which will happen sooner or later if Putin stays in power.

Aug 29, 2013 8:59pm EDT  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.

Full focus