The Syrian Electronic Army (SEA) is a group of computer hackers that emerged in 2011 to support the government of Syrian President Bashar al-Assad. The group uses various tactics, including spamming, website defacement, malware, phishing, and denial-of-service attacks, to target terrorist organizations, political opposition groups, Western news outlets, human rights groups, and websites that are seemingly neutral to the Syrian conflict.
Formation and Purpose
The SEA was formed in March 2011, shortly after the start of the Syrian civil war. The groupâs purpose is to support the Syrian government and counter what it considers to be âfabricated newsâ about Syria broadcast by Arab and Western media.
Tactics and Targets
The SEA has been involved in a number of high-profile hacking incidents, including the hijacking of Twitter accounts belonging to major news organizations such as the Associated Press, BBC, and National Public Radio. The group has also targeted government and military websites, as well as websites of opposition groups and human rights organizations.
Notable Incidents
- In 2013, the SEA hacked into the Twitter account of the Associated Press and sent a false tweet about an explosion at the White House, causing a brief dip in the Dow Jones index.
- In 2015, the SEA hacked into the website of the Qatar-based news agency Al Jazeera and replaced its content with pro-Assad messages.
- In 2016, three Syrian nationals, all current or former members of the SEA, were charged with multiple conspiracies related to computer hacking in the United States.
International Involvement
The SEA has been linked to both Russia and Iran, which have been strong supporters of the Syrian government. Some experts believe that the SEA may be receiving training and equipment from these countries.
Impact
The SEAâs activities have had significant consequences, including the disruption of news coverage and the spread of misinformation. The groupâs hacking incidents have also raised concerns about the potential for cyber warfare and the need for international cooperation to combat cyber threats.
The Syrian Electronic Army (SEA) is an APT group that was active from 2011 to 2014, with alleged ties to the Syrian government. The SEA targeted media organizations and technology companies such as Microsoft, Reuters, and the BBC, among others. They were known for their ability to infiltrate networks and steal sensitive information through social engineering tactics. Their activities included defacing websites with pro-Syrian propaganda messages and sending fake emails that appeared to be from legitimate sources but contained malware or links to phishing sites. The SEA's activity was eventually halted by the arrest of some of its members in 2014, although it is unclear if they continue to operate under a different name.
Techniques, tactics and practices:
The SEA employed various TTPs in their attacks, including social engineering to gain access to sensitive information. They would send fake emails that appeared to be from legitimate sources but contained malware or links to phishing sites. The group also targeted media organizations and technology companies such as Microsoft, Reuters, and the BBC, among others, by defacing their websites with pro-Syrian propaganda messages. Additionally, they were known for infiltrating networks through various means including spearphishing attacks and exploiting vulnerabilities to gain access to sensitive information.
