A group of Syrian hackers, calling themselves the Syrian Electronic
Army (SEA) and loyal to the beleaguered Assad dictatorship in Syria,
have been grabbing a lot of headlines in the last year for their
increasing number of Internet based attacks.
However, this tends to be low level stuff, like breaking into Twitter accounts. The Assads remained power for decades by favoring the most talented, best educated and wealthy families at the expense of everyone else and now many of those Syrians are supporting the Assads anyway they can. For the last two years the 80 percent who were left out have been in open rebellion and early on the SEA showed up to help their families hang on to their wealth and position in Syria.
The SEA has not made any really sophisticated hacks and appear to be young, well-educated and savvy computer users who knew enough to get access to the underground hacker market place where all sorts of hacking tools and services are for sale. SEA has used these to publicize their cause (via defacing of anti-Assad websites) and seeking to identify rebel leaders, especially those operating inside Syria. This intel collection effort does not get much publicity but it is probably more helpful than the low-level hacks. That’s because the Assad secret police are still very active inside Syria and have been effective in finding and capturing (or just killing) lots of rebels.
Occasionally SEA will get really ambitious. Last May SEA attempted to take control of the water system in an Israeli city (Haifa). The effort failed, although the attackers had reasonable expectations that they might succeed. That’s because earlier that year an American Internet security firm set up three honey pot servers to measure the extent that hackers are attacking SCADA (supervisory control and data acquisition) and ISC (industrial control system) targets. The response by hackers was surprising and scary, and the hackers going after Haifa apparently knew this. But the Israelis also knew of the danger and took precautions.
At the heart of modern industry are the ISC and SCADA systems which control motors, sensors, alarms, pumps, valves, and other essential equipment. Water systems are among the most common SCADA systems. The successful hack of SCADA systems allows the attacker to take remote control of these systems. Options for the attacker include turning off safety systems in a nuclear reactor, opening or shutting a dam’s overflow sluices, opening oil pipelines to contaminate sea or land, or shutting down water supplies and sewage systems for large numbers of people.
There are a lot of Arab, and Moslem, hacking groups like SEA and one thing they all have in common is a desire to stick it to Israel. That has proved difficult, despite the degree to which the Israeli economy is dependent on the Internet. Fortunately for Israel, many of the most successful and talented Internet security experts and companies are Israeli. The Israeli government has also been energetic in supporting Internet security measures. Thus the constant Arab and Moslem attacks just make the Israeli defenses more formidable. Practice makes perfect, which is essential if you are playing defense in Cyber War.
However, this tends to be low level stuff, like breaking into Twitter accounts. The Assads remained power for decades by favoring the most talented, best educated and wealthy families at the expense of everyone else and now many of those Syrians are supporting the Assads anyway they can. For the last two years the 80 percent who were left out have been in open rebellion and early on the SEA showed up to help their families hang on to their wealth and position in Syria.
The SEA has not made any really sophisticated hacks and appear to be young, well-educated and savvy computer users who knew enough to get access to the underground hacker market place where all sorts of hacking tools and services are for sale. SEA has used these to publicize their cause (via defacing of anti-Assad websites) and seeking to identify rebel leaders, especially those operating inside Syria. This intel collection effort does not get much publicity but it is probably more helpful than the low-level hacks. That’s because the Assad secret police are still very active inside Syria and have been effective in finding and capturing (or just killing) lots of rebels.
Occasionally SEA will get really ambitious. Last May SEA attempted to take control of the water system in an Israeli city (Haifa). The effort failed, although the attackers had reasonable expectations that they might succeed. That’s because earlier that year an American Internet security firm set up three honey pot servers to measure the extent that hackers are attacking SCADA (supervisory control and data acquisition) and ISC (industrial control system) targets. The response by hackers was surprising and scary, and the hackers going after Haifa apparently knew this. But the Israelis also knew of the danger and took precautions.
At the heart of modern industry are the ISC and SCADA systems which control motors, sensors, alarms, pumps, valves, and other essential equipment. Water systems are among the most common SCADA systems. The successful hack of SCADA systems allows the attacker to take remote control of these systems. Options for the attacker include turning off safety systems in a nuclear reactor, opening or shutting a dam’s overflow sluices, opening oil pipelines to contaminate sea or land, or shutting down water supplies and sewage systems for large numbers of people.
There are a lot of Arab, and Moslem, hacking groups like SEA and one thing they all have in common is a desire to stick it to Israel. That has proved difficult, despite the degree to which the Israeli economy is dependent on the Internet. Fortunately for Israel, many of the most successful and talented Internet security experts and companies are Israeli. The Israeli government has also been energetic in supporting Internet security measures. Thus the constant Arab and Moslem attacks just make the Israeli defenses more formidable. Practice makes perfect, which is essential if you are playing defense in Cyber War.
No comments:
Post a Comment