Tuesday 1 October 2013

Discussion article for October 15th


Syrian Electronic Army: If U.S. Attacks 'We Will Target All of It'

The mysterious pro-Assad hacker group known as the Syrian Electronic Army was back in the spotlight this week, when it hijacked The New York Times and Twitter Internet domains.
Following the attack, which was just the latest in a long string of successful hacks at the expense of Western media outlets, the purported official Twitter account of the hacking group tweeted a Gmail email address in response to a media request for contact. 
I contacted the group — or at least the people claiming to be part of the group — to ask a few questions and exchanged a series of emails with them.
The people behind the Gmail account — who declined to give any personal information about themselves — responded quickly, saying they'd get back to me as soon as possible. They seemed pretty courteous as well, addressing me with a "Dear Lorenzo," thanking me for contacting them, and even sending me another email a few hours later just to inform me that they were still "working on it."
First, I asked them to somehow verify that they were the same people behind @Official_SEA16, the group's Twitter account, which they had recently used to announce their hacks against The New York Times and Twitter.
In response, the group followed me on Twitter and responded to one of my direct messages. This only proves the same people that control the Twitter account also control syrian.es.sy@gmail.com.
Below, I pasted my full email correspondence with the group. My questions are printed in bold text. The answers from the alleged Syrian Electronic Army (SEA) representatives are completely unedited.
Q&A With Syrian Electronic Army
How many people are in your group?
We have tens of thousands of members that have different roles according to their abilities with more people joining everyday or volunteering. We have a special operations division that you are probably asking about and we have more than ten specialists. Every member of the SEA counts no matter what their abilities are, everyone contributes to fight the media war against our country, that is why we are an army and not just a hacking group.
Are you all based in Syria?
Yes, we are all based in Syria.
This answer differs slightly from the one given by an alleged SEA hacker nicknamed "The Shadow," who told ABC News that "most" of the SEA members are located in Syria.
Do you have any contacts or support from Chinese hackers?
I asked this because I was curious to know if they had contacts with the more skilled Chinese hackers, who the U.S. government often mentions as one of the biggest threats to American national security.
None of us speak Chinese so I don't see how we would communicate with them. Also, the Chinese hackers tend to attack American targets to steal information and then sell it to companies that undermine US manufacturers. We have been attacking the media, do you know any Chinese group that does that, even at the height of frictions during the Chinese olympics [sic]? Clearly, all these allegations that other nations are helping us is an attempt to undermine people's impression of the Syrian people's capabilities, it is an indirect form of racism.
Were you members of any other hacking group before forming the SEA?
None of us were, the war on Syria brought us all together.
On Wednesday, Motherboard and security reporter Brian Krebs published two separate stories claiming to identify two members of the SEA.
Motherboard named Hatem Deeb, identifying him as "Th3 Pr0," while Krebs exposed Mohammed Osman, and initially mistakenly claimed he was the same person as Mohamad AlKarem. Mashable's Fran Berkman argued that Osman and AlKarem are most likely different people.
Two stories from yesterday claim to have identified some of your members, can you comment on these two stories? Is Mohammed Osman one of your leaders? What about Hatem Deeb?
The story has been the source of amusement and laughter for all of us. Neither Hatem Deeb nor Mohammed Osman are hackers, but are both friends of ours that they are trying to intimidate in order to blackmail us. What they're doing is actually illegal and irresponsible, they even posted a photograph of a random guy that none of us could identify and called him the leader of the SEA. Knowing what Obama's Al Qaeda terrorists are capable of, do these news sites really want blood no their hand? Because if so, we will make them pay the price for it.
Note that they say Deeb and Osman are "friends of ours."
What about Mohamad Abd AlKarem? Some claimed he was the same person as Osman, but, as we reported Thursday, he most likely isn't.
We said that the information is false, We don't know anything about Osman nor Abd Alkarem, The media is not about publishing innocent people name and say that they are members of SEA, the terrorists can track and kill them, we were shocked when we see innocent people names and pictures on Vice/KerbsonSecurity claiming that they are a part of SEA, then they updated their articles with denies, and for what? for some attention?
You say Osman and Deeb are "friends" what does that mean? What do they do for you? Has Osman done some graphics for you?
That mean they are not even members of SEA, We have many fans and anyone of them can make some graphics, we didn't request anything from anyone.
Do you take orders from the government or you're just in support of Assad?
We don't take orders from anyone and in fact, given that the Syrian Computer Society (SCS) succumbed to American pressure and closed down our website, it should be clear that we have no government support as no one from the state told them to retain it. Assad is the leader of the country and when your country goes into war, you must support its leader and its army for the nation to survive.
The group is referring to an incident at the end of May, when the state-controlled Syrian Computer Society stopped hosting the group's official website, as the SEA explains in this announcement.
Your main site got hacked in the past, what happened, how much sensitive data did you lose in the hack?
In this question I refer to something that Krebs mentioned in his story on Tuesday, when he wrote that the website of the SEA was hacked, according to one of his confidential sources. During the hack, "the attacker(s) gained access to the virtual servers that hosted the SEA’s site and downloaded the entire user database for sea.sy and syrianelectronicarmy.com," collecting usernames and passwords.
Some of these passwords are allegedly the same passwords that some of the hackers use for their Hotmail, MSN and Outlook accounts, according to Krebs, who also posted a screenshot of a portion of the database that the attacker got his or her hands on.
We can guarantee our website has never been hacked, those who claim to have hacked it should publish their evidence. Don't hold your breath. In any case we do not have any sensitive or personal data on a public server. We are a distributed group, most of what we have and need is on our own machines and we collaborate on IRC.
How would you respond to people who say that your techniques are amateur?
We challenge any of the haters to go out and hack even one of the websites we have penetrated. They will claim they don't attack the media, but then the same hypocrites go out and DDoS Syrian news sites like SANA. Isn't it ironic that they were not able to penetrate Syrian media sites all this time?
Furthermore, you can ask the Harvard administrators how "amateur" the hacking of its website was [referring to their hack of the university's website], they will let you know. We don't have to use our most powerful techniques when majority of the targets have their front door open. War is all about retaining your trump cards for the final battle.
Why do you always announce your hacks? Wouldn't you be more effective if your operations were covert and secret?
Who ever said we announce ALL of our attacks? ;) In fact, our most effective attacks have been completely covert and only when the war ends will we reveal our involvement. We are supporting Syria in every way we can and our successful operations will be made known when we all celebrate our sweet sweet victory.
That said, a lot of questionable media have attempted to pin attacks by others, or fake attacks, on the SEA in order to undermine us. One very low quality media outlet claimed [perhaps here they are referring to this] we attacked an Israeli SCADA system [a type of industrial control system]. Despite our denial, the claim persisted until the Israelis themselves denied the attack. So to make sure things are clear, if we deny involvement in an attack, this is the truth and it definitely does not mean it is a covert operation.
What's your plan in case of a U.S. attack on Syria? What are your capabilities? Are you going to start attacking U.S. government targets or keep focusing on the media?
The moment the US government breaks international law by attacking the sovereign state of Syria, it has given up any rights to complain about being targeted by us or any other group around the world, as it would have lost all legitimacy. Yes, we will target all of it.
Have you tried to hack Mashable? If so, why? And what would you do if you successfully hack us?
We haven't made any attempts against Mashable because one member of the group is a big fan and asked us not to. But you guys better stay off our naughty list!!!
What are your thoughts on Anonymous? Who do you think are the best hacking groups in the world?
Anonymous is not really a group but an idea, some of them have shown great skill and endurance in the case of the offshoot LulzSec. Unfortunately for them, they chose to flaunt their power and were eventually penetrated by the FBI and used to attack foreign governments including Syria. Otherwise, it has mainly been their usual vector: DDoS. It's not fair to say who the best hacking group, but groups like TeaMp0isoN and RedHack have been effective.
You said you have no ties to Chinese hackers, what about Iranian hackers?
The group initially ignored this question, but they did answer later when I asked again.
Why is your website down?
We are using syrianelectronicarmy.com as DNS server, but Name.com company suspended it, and that's why the website down.
Why are you giving us (and other Western media) answers if these are the same organizations that you attack and blame for misinformation about Syria?
Through our answers we can also deliver our message about what is happening in Syria to all that media followers.
Is there another way to talk to you? Skype, encrypted chat or phone?
We're sorry but we can't talk to anyone on Skype now or ever.
Why do you use Gmail? Aren't you worried about NSA surveillance? Do you use different email using your own servers and PGP for more sensitive communications?
There are not sensitive information in this email, we contact each others through secure channels.
Thanks, what kind of security do you use? PGP? OTR? Silent Circle maybe? What kind of encryption. Also, I think you forgot to answer about Iranian hackers (You said you have no ties to Chinese hackers, what about Iranian hackers?)
We use IRC channels, and we don't have any connection with Iranian/Russian/Chinese hackers. 

 http://mashable.com/2013/08/30/syrian-electronic-army-interview/
