For the past three years, cyber-security research firm IntelCrawler has studied the Syrian Electronic Army using a combination of operatives, underground sources and public information. The result? A 94-page report that is among the most comprehensive studies of the prominent hacking group's activities.
I spoke recently with Dan Clements, IntelCrawler's president, to ask him what stood out among his company's findings about this shadowy organization. Here's what he said.
It's Not Just the Media, and Not Just About Syria
The group is likely best known for claiming responsibility for hacking The Associated Press's Twitter account and tweeting fake news about an attack on President Obama, which caused a steep but short-lived drop in the stock market. While SEA's mission is to disrupt media outlets, human-rights groups and governments that the group claims are disseminating "fake news" about the Syrian crisis and stirring opposition to President Bashar Al-Assad, the targets are far broader in scope.
IntelCrawler, which works with law enforcement agencies, outlined evidence in the report that it says shows links between the SEA and officials in Syria, Iran, Lebanon and Hezbollah, in addition to the group's theft of intelligence on weapons systems designed by U.S. defense contractors.
This group has a high level of sophistication that is "pretty amazing," Clements said. And given that the SEA is interested in more than just nuisance attacks on websites, that makes them dangerous.
"In June it will be three years since they've been doing their hacking deeds and they're still running wild," he said. "They're a full-blown cyber-espionage outfit. They're well-funded and well-organized."
Exploits Show Their Age
One of the attacks that IntelCrawler discovered - and said it helped stop - was a compromise of computer servers associated with the official websites of Britney Spears and Selena Gomez. Those attacks along with other information about SEA show how young these hackers are, Clements said.
"These are serious hackers," he said. "They have very specific targets. But they might go off the path and hack Britney. I can't really explain that."