Syrian Electronic Army Threatens to Hack CENTCOM

Sailors working at the Navy Cyber Defense Operations Command

Navy Media Content Services by Petty Officer 2nd Class Joshua Wahl

AA Font size + Print

Sailors working at the Navy Cyber Defense Operations Command

A group of anonymous hackers backing the Syrian government is threatening to take down U.S. Central Command. By Patrick Tucker

The Syrian Electronic Army takes to Twitter to threaten an attack on U.S. Central Command if the United States conducts cyberwarfare operations against Syria.

The shadowy hactivist group that supports the regime of Syrian President Bashar al-Assad warned on Friday that the strike would reveal “the U.S. command structure was a house of cards from the start.”

SEA also tweeted a warning to President Barack Obama:

CENTCOM officials didn’t immediately respond to a request for comment.

Bob Gourley, a former CTO for the Defense Intelligence Agency and editor of, said that while serious, an SEA attack would probably not disrupt CENTCOM operations. “This is a very capable group that has done some very significant things against well-defended targets. They may have found weaknesses in CENTCOM web servers that can be exploited. I believe this threat should be taken very seriously.”

 “If SEA has found a seam to exploit, expect that seam to be fixed and any defaced sites to return to normal operations soon. If large-scale flooding attacks (denial of service) are conducted, expect CENTCOM to work hard with other partners to mitigate them pretty quickly,” he said.

Since August, SEA has successfully hacked the Web sites or social network profiles of several major media outlets including The New York Times, The Associated Press, CNN, The Huffington Post and, recently, Forbes, from which the group stole more than one million user records (though user password encryption reportedly survived.)

In perhaps the group’s most brazen attack, earlier this month they changed the domain name registration for Facebook in the WHOIS domain registrar. By altering that record, the SEA was able to briefly heist formal ownership of Facebook right around the site’s 10th anniversary, a feat that the group celebrated with the following tweet to Facebook founder Mark Zuckerberg:

The group, however, was unable to direct visitors to new sites, which could be called the most important privilege of real ownership. The domain name problem was quickly fixed.

So far, the SEA has had “good results” in these sorts of name-change hacks according to Allan Friedman, author of the book Cybersecurity and Cyberwar: What Everyone Needs to Know.  It’s a tactic, he said, that illustrates a familiarity with web development and site building. But by themselves, domain registration attacks don’t rise to a level of high technical sophistication. Nor do they warrant great alarm, Friedman said.

“It’s rather surprising to hear of an advanced warning of this style of attack, since it’s pretty easy to lock down domains and content management systems in the face of such a warning” he said.

Posting the advanced notice to CENTCOM on Twitter did, however, suggest to Friedman an escalation of capabilities or that the SEA was forming new partnerships.

“A possible, although somewhat frightening, notion is that they are receiving some outside technical help and guidance from organizations that have a new interest in poking the U.S. and Western powers,” he said. ”We know that greater technical capacity lies in the organized crime gangs in Russia and the [former Soviet Union.] These parties have traditionally stayed out of politically-motivated attacks, with a few exceptions [Estonia, Georgia]. We can imagine that, if [Russian President Vladimir] Putin wanted to flex some muscle, he might let a few off the chain. The challenge would be to have plausible deniability, while still communicating to Western decision makers that this would be a potential ramification of interference in Crimean affairs,” Friedman said.

Close [ x ] More from DefenseOne

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • Military Readiness: Ensuring Readiness with Analytic Insight

    To determine military readiness, decision makers in defense organizations must develop an understanding of complex inter-relationships among readiness variables. For example, how will an anticipated change in a readiness input really impact readiness at the unit level and, equally important, how will it impact readiness outside of the unit? Learn how to form a more sophisticated and accurate understanding of readiness and make decisions in a timely and cost-effective manner.

  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Information Operations: Retaking the High Ground

    Today's threats are fluent in rapidly evolving areas of the Internet, especially social media. Learn how military organizations can secure an advantage in this developing arena.


When you download a report, your information may be shared with the underwriters of that document.