Syrian Electronic Army


The Syrian Electronic Army is a group of computer hackers which first surfaced online in 2011 to support the government of Syrian President Bashar al-Assad. Using spamming, website defacement, malware, phishing, and denial-of-service attacks, it has targeted terrorist organizations, political opposition groups, western news outlets, human rights groups and websites that are seemingly neutral to the Syrian conflict. It has also hacked government websites in the Middle East and Europe, as well as US defense contractors. the SEA has been "the first Arab country to have a public Internet Army hosted on its national networks to openly launch cyber attacks on its enemies".
The precise nature of SEA's relationship with the Syrian government has changed over time and is unclear.

Origins and historical context

In the 1990s Syrian President Bashar al-Assad headed the Syrian Computer Society, which is connected to the SEA, according to research by University of Toronto and University of Cambridge, UK.
There is evidence that a Syrian Malware Team goes as far back as January 1, 2011.
In February 2011, after years of Internet censorship, Syrian censors lifted a ban on Facebook and YouTube.
In April 2011, only days after anti-regime protests escalated in Syria, Syrian Electronic Army emerged on Facebook. In May 5, 2011 the Syrian Computer Society registered SEA’s website. Because Syria's domain registration authority registered the hacker site, some security experts have written that the group was supervised by the Syrian state. SEA claimed on its webpage to be no official entity, but "a group of enthusiastic Syrian youths who could not stay passive towards the massive distortion of facts about the recent uprising in Syria".
As soon as May 27, 2011 SEA had removed text that denied it was an official entity. One commentator has noted that " volunteers might include Syrian diaspora; some of their hacks have used colloquial English and Reddit memes.
According to a 2014 report by security company Intelcrawler, SEA activity has shown links with "officials in Syria, Iran, Lebanon and Hezbollah." A February 2015 article by The New York Times stated that "American intelligence officials" suspect the SEA is "actually Iranian". However, no data has shown a link between Iran's and Syria's cyber attack patterns according to an analysis of "open-source intelligence" by cyber security firm Recorded Future.

Online activities

SEA has pursued activities in three key areas:
The SEA's tone and style vary from the serious and openly political to ironic statements intended as critical or pointed humor: SEA had "Exclusive: Terror is striking the #USA and #Obama is Shamelessly in Bed with Al-Qaeda" tweeted from the Twitter account of 60 Minutes, and in July 2012 posted "Do you think Saudi and Qatar should keep funding armed gangs in Syria in order to topple the government? #Syria," from Al Jazeera's Twitter account before the message was removed. In another attack, members of SEA used the BBC Weather Channel Twitter account to post the headline, "Saudi weather station down due to head on-collision with camel." After Washington Post reporter Max Fisher called their jokes unfunny, one hacker associated with the group told a Vice interview 'haters gonna hate.'"

Operating system

On 31 October 2014, the SEA released a Linux distribution named SEANux.

Timeline of notable attacks

;2011
;2012
;2013
;2014
;2015
;2018