The Telegraph and the Financial Times have become the latest targets in a string of cyber-attacks against news outlets. Responsibility for the hacking has been attributed to the so-called Syrian Electronic Army (SEA), a hacker group reportedly affiliated with Bashir al-Assad’s government in Syria. The migration of Syria’s civil war online holds implications not only for the conflict itself, but for the diffusion of cyber warfare capabilities globally.
From Aleppo to Facebook
The SEA emerged in May 2011 at the onset of the Syrian uprising. The official website of the SEA initially proclaimed the group not as an official body, but rather a group of young, patriotic Syrians loyal to their country. The group began by defacing pro-opposition Facebook pages, who like their compatriots in Egypt and Tunisia, organized in large part through social media. The group moved quickly to larger game, namely media outlets deemed to be too pro-opposition, but this has proved a relatively elastic term. The OpenNet Initiative estimates that 122 web sites have been attacked by the SEA, including the BBC, NPR, the Onion, al-Arabia, and Human Rights Watch.
As the Onion has documented, the SEA gained access through a phishing scheme. Employees were redirected to sites which asked them to enter their Google Apps credentials, which then utilised this account to contact other employees. The same tactic was also employed against the AP and the Guardian. Though phishing is regarded as a simple hacking method, poor internet security awareness has allowed the SEA to gain access to some of the most prominent news sources in the world.
The SEA hasn’t limited their activities to defacing websites. The group’s most destructive attack came in April with the hacking of the Associated Press’s Twitter account. Two minutes after tweeting that a bomb had been detonated in the White House, the Dow Jones dropped nearly one percent – a dip of $136 billion. On May 6th, the SEA attempted to hack Haifa’s water system. The Saudi Arabia Ministry of Defense’s mail system was also breached by the SEA on May 19. Such attacks are a reminder of the very real consequences that cyber warfare can have in the physical world.
Implications for Canada
The implications for Canadians are straight-forward. Canadian targets, whether news sources or government websites, are not immune to cyber-attacks originating from hostile groups. Ottawa may not be taking nearly as strong a line against Assad as the U.S. or the EU, but the SEA may deem Canadian sites valid targets by virtue of Canada’s place in the transatlantic community.
The havoc wrought by the SEA indicates a clear diffusion of cyber-warfare capabilities to less powerful international actors. To grapple with this threat, Canadian cyber defenses need to be bolstered. As the NATO Council’s Radha Patel has previously noted, protection against cyber-attacks must come in the form of bolstering capabilities, rather than the creation of new laws. Such an initiative enjoys wide support among Canadians; in a recent poll conducted by the Asia Pacific Foundation of Canada, 85% polled agree that Canada should do more to prevent cyber-attacks.
The ground work for such a strategy has already been laid. In 2010, Ottawa outlined a national strategy on cyber security, comprised of three key pillars: securing government systems, aiding in securing vital non-governmental systems, and helping Canadians remain secure online. This initiative should continue to push ahead, and focus specifically upon improving online security training for government employees to avoid phishing tactics as employed by the SEA. With regards to partnering with non-federal cyber systems, Ottawa’s focus is rightly upon responding to cyber-attacks. The Cyber Incident Management Framework is set to launch in fall 2013, allowing for a streamlined and coordinated system to respond to attacks on vital networks (such as banks or news outlets).
In addition, the landmark Tallinn Manual on the International Law Applicable to Cyber Warfare, prepared at the behest of the NATO Cooperative Cyber Defence Centre of Excellence, has delineated ground rules on the conduct of cyber warfare. This manual advocates coordinating cyber defense strategies between NATO members. Building on national and international frameworks allows for a multi-pronged defense strategy to blunt online threats. Though it has been restated a multitude of times, the cyber-attacks present a very real danger to conducting foreign affairs.
Much attention has been focused on the higher-stakes cyber-attacks between China and the United States, but the actions of the SEA underscore the increasing diffusion of cyber warfare capabilities across the globe. Cyber warfare capabilities are no longer restricted to Great Powers. If the embattled regime of Bashir al-Assad, controlling little more than the Syrian coast and Damascus, can utilise decentralized hacker groups to such great effect, a hostile state at full-strength will be able to wreak considerably more damage. Sub-state actors like the Syrian Electronic Army have shown that cyber warfare will only become a more prevalent fixture of modern conflicts.
The Canadian government has taken proactive steps to address this threat. It must be remembered however, that there is no El Dorado which, once reached, will ensure strategic dominance in digital security. Cyber security is an ever-evolving concept requiring constant maintenance –Ottawa is on the right path, so long as policymakers grasp this concept.