The Syrian Electronic Army: Lessons to be learned

Davey Winder probes just who is doing just what and why, and asks what enterprises can learn from it.

Kenneth Geers, Senior Global Threat Analyst with FireEye, condenses his security advice into three easy lessons that every enterprise IT security department can takeaway:

Lesson #1: Techies must follow the news! With looming Western intervention in Syria, it was only logical that the hacktivist SEA would escalate its attacks, and that a key battleground for public opinion would be US media sites. Indeed, SEA targeted US newspapers, the US Marine Corps, and even a US college sports site, redirecting internet users to pro-Syria propaganda.

Because patriotic hackers seek free PR for their cause, there is a simple calculation here: the more visitors your site has, the more they want to attack it.

Lesson #2: Protect your flank. Sometimes, hackers use a frontal assault, such as by sending the victim a blizzard of meaningless data to achieve a denial-of-service. But if the front door is guarded, hackers can also ambush a target from the side, by exploiting third-party business relationships and data dependencies.

Admirals and Generals are taught to protect their flanks, but what about System Administrators? SEA tagged Twitter, New York Times, and other sites by sabotaging their Domain Name System (DNS) records, after finding weak links in their data supply chains.

Lesson #3: Train for social engineering. The SEA has used spear phishing, malformed URLs, and booby-trapped images of osculating movie stars to compromise their targets. Civilian website owners could use a little more military discipline. The Marine Corps hack, for example, was not in the .mil domain, but a recruiting site in the .com domain. For help, try two-factor authentication, locked domains, DNSSEC, and preparations to bypass DNS altogether by replacing human-readable addresses like www.nytimes.com with a computer-friendly IP address such as 170.149.168.130.

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Most Popular

Cisco acquires container security startup Banzai Cloud
Security

Cisco acquires container security startup Banzai Cloud

18 Nov 2020
macOS Big Sur is bricking some older MacBooks
operating systems

macOS Big Sur is bricking some older MacBooks

16 Nov 2020
46 million Animal Jam accounts leaked after comms software breach
Security

46 million Animal Jam accounts leaked after comms software breach

13 Nov 2020