The Syrian Electronic Army is a public online political group that emerged in 2011 to support Syrian President Bashar al-Assad and his regime. The army arose days after Syria lifted its online ban of Facebook and YouTube. Syrian electronic army was once managed by the Syrian Computer Society, which was headed by President al-Assad in the 1990s. The Syrian Computer Society, which regulates the internet within Syria, even registered the SEA website. The SEA hackers / Syrian hackers may be partially or entirely supported by the Syrian government. At present, the SEA’s domain is no longer hosted by the Syrian Computer Society and it claims no ties to the government. Based on the aptitude at social media and the humor used on defaced sites, the army likely consists of young adult males. One “inside source” claimed that the group consisted of nine Syrian college students; however, no other sources have verified this claim.

By all appearances, the Syrian electronic army conducts attacks to garner global attention rather than to steal data or financial information. The SEA hackers primarily targets media outlets and journalists, political groups that oppose al-Assad’s regime, human rights groups, and western organizations. Most SEA attacks target the websites and social media accounts of United States news organizations because it argues that the outlets spread anti-Syria propaganda. The Syrian electronic army uses malware and phishing campaigns to actively monitor Syrian rebels and members of Human Rights groups.

SEA hackers/ Syrian hackers attacks begin with phishing through spam or spear phishing using detailed information obtained from previous campaigns. The SEA attempt to gain user credentials, which it then uses to seize control of the websites and social media accounts of prominent organizations. The army has attacked the websites and/or social media accounts of: “60 Minutes,” Al-Jazeera, Associated Press, BBC News, CBC News, CNN, The Daily Telegraph, Financial Times, The Guardian, The Onion, National Public Radio, The New York Times, Reuters, Time, and The Washington Post. Once it has control, The SEA posts fake stories or news and collects any confidential information that could be useful in future attacks, such as contact names. When phishing attempts fail, SEA may resort to malware, website defacement through web exploits, or denial of service attacks leveraging botnets. If no attack vector succeeds, then the SEA resorts to bombarding the social media accounts of its target with pro-Syria messages.

Most attacks amount to a banner ad or redirection to a site that supports al-Assad; however, the attacks can have tangible impacts. When the SEA hacked the Associated Press Twitter account in 2013, they posted a message that the White House had been bombed and that President Obama was injured. The post resulted in a noticeable impact on the DOW Jones and the S&P 500 Index (~$136.5 billion).

Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Consent to display content from Youtube
Consent to display content from Vimeo
Google Maps
Consent to display content from Google