Canada Cyber Security and Emerging Threats Daniel Bodirsky

Syrian Electronic Army: Digitialization of Syria’s War and the Diffusion of Cyber Warfare

The Telegraph and the Financial Times have become the latest targets in a string of cyber-attacks against news outlets. Responsibility for the hacking has been attributed to the so-called Syrian Electronic Army (SEA), a hacker group reportedly affiliated with Bashir al-Assad’s government in Syria. The migration of Syria’s civil war online holds implications not only for the conflict itself, but for the diffusion of cyber warfare capabilities globally.

From Aleppo to Facebook

The SEA emerged in May 2011 at the onset of the Syrian uprising. The official website of the SEA initially proclaimed the group not as an official body, but rather a group of young, patriotic Syrians loyal to their country. The group began by defacing pro-opposition Facebook pages, who like their compatriots in Egypt and Tunisia, organized in large part through social media. The group moved quickly to larger game, namely media outlets deemed to be too pro-opposition, but this has proved a relatively elastic term. The OpenNet Initiative estimates that 122 web sites have been attacked by the SEA, including the BBC, NPR, the Onion, al-Arabia, and Human Rights Watch.

As the Onion has documented, the SEA gained access through a phishing scheme. Employees were redirected to sites which asked them to enter their Google Apps credentials, which then utilised this account to contact other employees. The same tactic was also employed against the AP and the Guardian. Though phishing is regarded as a simple hacking method, poor internet security awareness has allowed the SEA to gain access to some of the most prominent news sources in the world.

The SEA hasn’t limited their activities to defacing websites. The group’s most destructive attack came in April with the hacking of the Associated Press’s Twitter account. Two minutes after tweeting that a bomb had been detonated in the White House, the Dow Jones dropped nearly one percent – a dip of $136 billion. On May 6th, the SEA attempted to hack Haifa’s water system. The Saudi Arabia Ministry of Defense’s mail system was also breached by the SEA on May 19. Such attacks are a reminder of the very real consequences that cyber warfare can have in the physical world.

The Dow Jones on April 23. The Syrian Electronic Army had breached the AP's Twitter account and tweeted that a bomb had exploded in the White House.

Implications for Canada

The implications for Canadians are straight-forward. Canadian targets, whether news sources or government websites, are not immune to cyber-attacks originating from hostile groups. Ottawa may not be taking nearly as strong a line against Assad as the U.S. or the EU, but the SEA may deem Canadian sites valid targets by virtue of Canada’s place in the transatlantic community.

The havoc wrought by the SEA indicates a clear diffusion of cyber-warfare capabilities to less powerful international actors. To grapple with this threat, Canadian cyber defenses need to be bolstered. As the NATO Council’s Radha Patel has previously noted, protection against cyber-attacks must come in the form of bolstering capabilities, rather than the creation of new laws. Such an initiative enjoys wide support among Canadians; in a recent poll conducted by the Asia Pacific Foundation of Canada, 85% polled agree that Canada should do more to prevent cyber-attacks.

The ground work for such a strategy has already been laid. In 2010, Ottawa outlined a national strategy on cyber security, comprised of three key pillars: securing government systems, aiding in securing vital non-governmental systems, and helping Canadians remain secure online. This initiative should continue to push ahead, and focus specifically upon improving online security training for government employees to avoid phishing tactics as employed by the SEA. With regards to partnering with non-federal cyber systems, Ottawa’s focus is rightly upon responding to cyber-attacks. The Cyber Incident Management Framework is set to launch in fall 2013, allowing for a streamlined and coordinated system to respond to attacks on vital networks (such as banks or news outlets).

In addition, the landmark Tallinn Manual on the International Law Applicable to Cyber Warfare, prepared at the behest of the NATO Cooperative Cyber Defence Centre of Excellence, has delineated ground rules on the conduct of cyber warfare. This manual advocates coordinating cyber defense strategies between NATO members. Building on national and international frameworks allows for a multi-pronged defense strategy to blunt online threats. Though it has been restated a multitude of times, the cyber-attacks present a very real danger to conducting foreign affairs.

Much attention has been focused on the higher-stakes cyber-attacks between China and the United States, but the actions of the SEA underscore the increasing diffusion of cyber warfare capabilities across the globe. Cyber warfare capabilities are no longer restricted to Great Powers. If the embattled regime of Bashir al-Assad, controlling little more than the Syrian coast and Damascus, can utilise decentralized hacker groups to such great effect, a hostile state at full-strength will be able to wreak considerably more damage. Sub-state actors like the Syrian Electronic Army have shown that cyber warfare will only become a more prevalent fixture of modern conflicts.

The Canadian government has taken proactive steps to address this threat. It must be remembered however, that there is no El Dorado which, once reached, will ensure strategic dominance in digital security. Cyber security is an ever-evolving concept requiring constant maintenance –Ottawa is on the right path, so long as policymakers grasp this concept.

Daniel Bodirsky
Daniel is an Asia-Pacific Research Analyst with the NATO Association of Canada. He is currently an MSc candidate in Strategic Studies at the S. Rajaratnam School of International Studies in Singapore. Daniel was previously based in Hanoi, Vietnam, where he wrote freelance for a number of online publications and tutors English. Daniel’s research interests concern security in the Asia-Pacific, specifically the rise of China-balancing coalitions in Southeast Asia and Canadian interests in the region. He is a former Program Editor at the NAOC. Daniel received his BAH from Queen’s University, where he majored in Political Studies with a Minor in World Languages (German, French, Japanese). Contact: Twitter: @danbodirsky