Pro-Assad hackers are promising a massive counterattack online, if the U.S. military strikes Syria. But they also admit they may not be able to do more than muck up a couple of American websites.
The Syrian Electronic Army, a group of Bashar al-Assad loyalists that claims to number in the tens of thousands, has grabbed headlines for commandeering the Web sites of the New York Times and the Washington Post, as well as the Associated Press' Twitter feed. It's not the only hacker group operating in Syria, but it has the biggest profile and appears positioned to launch some kind of response should the United States attack Syria.
Exactly what form that response will take is unclear. So we decided to ask the group. Foreign Policy contacted the SEA via a Gmail account that the group is believed to use. While it was not possible to verify that the person who responded is in fact a member of the SEA, the account has been linked to the group's purported Twitter feed, and it has been shared with other journalists seeking interviews.
The SEA promised that it would respond to the use of military force by the United States.
"In the event of an all-out war, it becomes the responsibility of every Syrian national to stop or shorten the length of that war through any means necessary," the SEA said. The group claimed to have a "bank of targets and many surprises" at the ready should the United States attack. But it did not name any specific targets or hint at what categories they might include.
To date, the SEA has shown no capacity for launching sophisticated strikes that would disable critical infrastructure or communications networks. The SEA acknowledged that "so far we have consigned ourselves to vandalism," and even offered that after years of civil war in Syria, many of its members "have lost almost everything and are hanging on by a thread..."
Foreign Policy asked the SEA whether it has any intentions -- or the capability -- to launch attacks that cause physical damage or more serious disruptions.
"There were attempts to frame us for such an act by discredited media platforms but we have never announced such an attack," the SEA said, without specifying what those attacks were. "It's our opinion that these attacks are extremely complicated and require state-level espionage, as in Stuxnet. ... You can imagine what kind of budget that involves. That said, we don't give out any details about future attacks."
The SEA representative didn't come out and say it, but this appears to be an acknowledgement that the group doesn't have the resources to pull of an attack like the famous Stuxnet worm, which the United States and Israel are believed to have built to disable centrifuges in an Iranian nuclear facility. That would likely come as little surprise to experts, who have never credibly suggested that the SEA, on its own, could wreak that kind of havoc. But it was remarkable that the SEA would essentially concede the point, as well.
In previous interviews, the SEA has shown more bravado. In a recent exchange with Mashable, the group insisted "we will target all of it," referring to U.S. government targets and media organizations, should the U.S. military attack Syria. And someone claiming to be a top member of the SEA told ABC News, "All American sites will be our targets and we may be more destructive" than in previous acts of vandalism.
Experts have said that the SEA's attacks are getting more sophisticated and ambitious in recent months, and that this suggests some possible outside assistance from bigger groups or governments. But the SEA took issue with this characterization.
"We are not really sure whether this is an indication of racism or something else, why are Syrians considered primitive?" the SEA said. "We were the people who started civilization and gave the world the alphabet after all, is it so difficult to believe that we are just as capable in modern times?"
To emphasize the point, the SEA added, "Clearly, we don't need or want any help."
If what we've seen from the SEA so far amounts to the full extent of its capabilities, then major cyber attacks against U.S. targets may not be in store--at least not from this group. The SEA also sought to delineate any action it might take against U.S. government and media targets from attacks on the American public, which would arguably be more harmful.
"We don't want to hurt anybody and we have many American friends and many Syrians live in America and were founders of the [Syrian] nation so we have no animosity towards it," the SEA said.
"We distinguish between the American people, the majority of whom are on our side, and the American government which will is in fact their oppressors. We have a bank of targets, some of which will help these Americans who have had enough of their government finally bury it in the dumpster of history."
Bravado and bluster. But so far, no big bangs. And it sure sounds like there aren't many coming.