Syria and its ally Iran have been building cyberattack capabilities for years and soon might have a chance to use their skills in a hot war for the first time.
Former U.S. officials and cybersecurity scholars say Syria has a demonstrated cyberattack capability and could retaliate against anticipated Western military strikes against Syria for its suspected chemical weapons attack against civilians in the country’s 2-year-old civil war.
“It’s foreseeable that [Syrian] state-sponsored or state-sympathetic hackers could seek to retaliate” against U.S., Israeli or Western interests, Michael Chertoff, a former secretary of Homeland Security, told The Washington Times on Wednesday.
“We have already seen regional cyberactors, such as the Syrian Electronic Army, conduct attacks on U.S. targets,” added Rep. James R. Langevin, Rhode Island Democrat and a member of the House Armed Services Committee and the Permanent Select Committee on Intelligence.
The Syrian Electronic Army has successfully attacked computer networks used by U.S. media outlets — hacking the Twitter account of The Associated Press this year and mostly knocking The New York Times website offline for 20 hours Tuesday and Wednesday.
Attackers penetrated the company that manages the paper’s Internet domain, NYTimes.com, according to reports in the computer security trade press.
Hackers can relatively easily hide their tracks from all but the most extensive and time-consuming forensic efforts, but the Syrian Electronic Army has publicly claimed these attacks. In online postings, the group of hacker activists, or “hacktivists,” claim to be motivated by Syrian patriotism and to act independently of the regime in Damascus.
“It can be difficult to distinguish between hackers who are sympathetic to a regime and those directly [state] sponsored or controlled,” said Mr. Chertoff, co-founder and chairman of the Chertoff Group, a global security advisory firm.
Islamic hackers whom U.S. officials have linked to Iran have launched a series of increasingly powerful cyberattacks against the websites of major U.S. banks for almost a year.
Large U.S. financial institutions probably have the best cybersecurity of any nongovernmental entity, yet their websites have been driven offline by repeated attacks.
A self-described hacktivist group called Izad din al Qassam has claimed responsibility for the attacks, which they announce in advance.
The group says the attacks are designed to punish the United States for an Internet video, “Innocence of Muslims,” made by an Egyptian-American Coptic Christian, which portrays Islam’s Prophet Muhammad as a killer and pedophile. The Obama administration tried to blame the video for the terrorist attack last year at a U.S. diplomatic compound in Libya that killed Ambassador J. Christopher Stevens and three other Americans.
But the kind of cyberattack that most alarms national security specialists took place a year ago and was aimed at the Saudi Arabian state oil company, Aramco.
A virus called Shamoon infected the company’s computer network and wiped data from more than 30,000 computers, effectively destroying all the information on the system.
A similar attack on a bank could destroy digital records of customer accounts.