IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

The Syrian Electronic Army: Lessons to be learned

Davey Winder probes just who is doing just what and why, and asks what enterprises can learn from it.

Kenneth Geers, Senior Global Threat Analyst with FireEye, condenses his security advice into three easy lessons that every enterprise IT security department can takeaway:

Lesson #1: Techies must follow the news! With looming Western intervention in Syria, it was only logical that the hacktivist SEA would escalate its attacks, and that a key battleground for public opinion would be US media sites. Indeed, SEA targeted US newspapers, the US Marine Corps, and even a US college sports site, redirecting internet users to pro-Syria propaganda.

Because patriotic hackers seek free PR for their cause, there is a simple calculation here: the more visitors your site has, the more they want to attack it.

Lesson #2: Protect your flank. Sometimes, hackers use a frontal assault, such as by sending the victim a blizzard of meaningless data to achieve a denial-of-service. But if the front door is guarded, hackers can also ambush a target from the side, by exploiting third-party business relationships and data dependencies.

Admirals and Generals are taught to protect their flanks, but what about System Administrators? SEA tagged Twitter, New York Times, and other sites by sabotaging their Domain Name System (DNS) records, after finding weak links in their data supply chains.

Lesson #3: Train for social engineering. The SEA has used spear phishing, malformed URLs, and booby-trapped images of osculating movie stars to compromise their targets. Civilian website owners could use a little more military discipline. The Marine Corps hack, for example, was not in the .mil domain, but a recruiting site in the .com domain. For help, try two-factor authentication, locked domains, DNSSEC, and preparations to bypass DNS altogether by replacing human-readable addresses like www.nytimes.com with a computer-friendly IP address such as 170.149.168.130.

Featured Resources

The Total Economic Impact™ Of Turbonomic Application Resource Management for IBM Cloud® Paks

Business benefits and cost savings enabled by IBM Turbonomic Application Resource Management

Free Download

The Total Economic Impact™ of IBM Watson Assistant

Cost savings and business benefits enabled by Watson Assistant

Free Download

The field guide to application modernisation

Moving forward with your enterprise application portfolio

Free Download

AI for customer service

Discover the industry-leading AI platform that customers and employees want to use

Free Download

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
UK water supplier confirms hack by Cl0p ransomware gang
ransomware

UK water supplier confirms hack by Cl0p ransomware gang

16 Aug 2022