Syrian Electronic Army Threatens to Hack CENTCOM

Sailors working at the Navy Cyber Defense Operations Command

Navy Media Content Services by Petty Officer 2nd Class Joshua Wahl

AA Font size + Print

Sailors working at the Navy Cyber Defense Operations Command

A group of anonymous hackers backing the Syrian government is threatening to take down U.S. Central Command. By Patrick Tucker

The Syrian Electronic Army takes to Twitter to threaten an attack on U.S. Central Command if the United States conducts cyberwarfare operations against Syria.

The shadowy hactivist group that supports the regime of Syrian President Bashar al-Assad warned on Friday that the strike would reveal “the U.S. command structure was a house of cards from the start.”

SEA also tweeted a warning to President Barack Obama:

CENTCOM officials didn’t immediately respond to a request for comment.

Bob Gourley, a former CTO for the Defense Intelligence Agency and editor of, said that while serious, an SEA attack would probably not disrupt CENTCOM operations. “This is a very capable group that has done some very significant things against well-defended targets. They may have found weaknesses in CENTCOM web servers that can be exploited. I believe this threat should be taken very seriously.”

 “If SEA has found a seam to exploit, expect that seam to be fixed and any defaced sites to return to normal operations soon. If large-scale flooding attacks (denial of service) are conducted, expect CENTCOM to work hard with other partners to mitigate them pretty quickly,” he said.

Since August, SEA has successfully hacked the Web sites or social network profiles of several major media outlets including The New York Times, The Associated Press, CNN, The Huffington Post and, recently, Forbes, from which the group stole more than one million user records (though user password encryption reportedly survived.)

In perhaps the group’s most brazen attack, earlier this month they changed the domain name registration for Facebook in the WHOIS domain registrar. By altering that record, the SEA was able to briefly heist formal ownership of Facebook right around the site’s 10th anniversary, a feat that the group celebrated with the following tweet to Facebook founder Mark Zuckerberg:

The group, however, was unable to direct visitors to new sites, which could be called the most important privilege of real ownership. The domain name problem was quickly fixed.

So far, the SEA has had “good results” in these sorts of name-change hacks according to Allan Friedman, author of the book Cybersecurity and Cyberwar: What Everyone Needs to Know.  It’s a tactic, he said, that illustrates a familiarity with web development and site building. But by themselves, domain registration attacks don’t rise to a level of high technical sophistication. Nor do they warrant great alarm, Friedman said.

“It’s rather surprising to hear of an advanced warning of this style of attack, since it’s pretty easy to lock down domains and content management systems in the face of such a warning” he said.

Posting the advanced notice to CENTCOM on Twitter did, however, suggest to Friedman an escalation of capabilities or that the SEA was forming new partnerships.

“A possible, although somewhat frightening, notion is that they are receiving some outside technical help and guidance from organizations that have a new interest in poking the U.S. and Western powers,” he said. ”We know that greater technical capacity lies in the organized crime gangs in Russia and the [former Soviet Union.] These parties have traditionally stayed out of politically-motivated attacks, with a few exceptions [Estonia, Georgia]. We can imagine that, if [Russian President Vladimir] Putin wanted to flex some muscle, he might let a few off the chain. The challenge would be to have plausible deniability, while still communicating to Western decision makers that this would be a potential ramification of interference in Crimean affairs,” Friedman said.

Close [ x ] More from DefenseOne

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Ongoing Efforts in Veterans Health Care Modernization

    This report discusses the current state of veterans health care

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

  • Top 5 Findings: Security of Internet of Things To Be Mission-Critical

    As federal agencies increasingly leverage these capabilities, government security stakeholders now must manage and secure a growing number of devices, including those being used remotely at the “edge” of networks in a variety of locations. With such security concerns in mind, Government Business Council undertook an indepth research study of federal government leaders in January 2017. Here are five of the key takeaways below which, taken together, paint a portrait of a government that is increasingly cognizant and concerned for the future security of IoT.

  • Coordinating Incident Response on Posts, Camps and Stations

    Effective incident response on posts, camps, and stations is an increasingly complex challenge. An effective response calls for seamless conversations between multiple stakeholders on the base and beyond its borders with civilian law enforcement and emergency services personnel. This whitepaper discusses what a modern dispatch solution looks like -- one that brings together diverse channels and media, simplifies the dispatch environment and addresses technical integration challenges to ensure next generation safety and response on Department of Defense posts, camps and stations.

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation


When you download a report, your information may be shared with the underwriters of that document.