More and more often, high profile websites and organizations are hacked because of their viewpoints on international politics instead of for lulz. In the last few days there have been several prime examples: Russia Today was hacked so “Nazi” was included in most headlines; Anonymous attacked and then leaked details about OpRussia and OpUkraine; and the Syrian Electronic Army threatened to topple U.S. Central Command (CENTCOM) like a “house of cards.”
SEA threatens to topple U.S. CENTCOM
On Friday, the Syrian Electronic Army (SEA) tweeted a series of “threats” to President Obama and U.S. CENTCOM regarding the U.S. potentially launching cyberattacks on Syria.
SEA has pulled off numerous high profile hacks since 2011, including attacks on Reuters, NPR, AP, CBS, The Guardian, Skype, CNN and mostly recently Forbes. While successfully using social engineering and phishing emails to then take over social media accounts is undoubtedly embarrassing for organizations, some cybersecurity experts consider the pro-Assad hacker group’s attacks to be more of a "nuisance" than a threat. Yet SEA threatened that an attack on U.S. CENTCOM would be a different type of attack than is typical for SEA.
Last year, TRADOC G-2 Intelligence Support Activity’s (TRISA) Complex Operation Environment and Threat Integration Directorate (CTID) issued a report warning the U.S. Army about SEA “nuisance attacks.” After outlining a timeline of hacks as well as SEA's techniques, the analyst assessment portion of the threat report concluded:
One of the more bizarre and interesting results of the SEA's growing prominence is its challenge to one of the most notorious and infamous international hacker groups. In what resembled cyber gangs fighting over territory, Anonymous and the SEA faced off on opposing sides of the Syrian conflict beginning in 2011. Attacks have been accompanied by the tough talk typical of two gangs, each trying to one-up the other. In September 2013, the SEA denied claims by Anonymous that it had hacked into SEA's system.
The SEA is clearly a force of disruption, and the long-term implications of its continued presence might very well remain what they are today – primarily a nuisance – or the implications might become more serious if the SEA’s message gains greater influence.
However, on Feb 28, SEA threatened to go far beyond being a cyber nuisance by proving that “the entire US command structure was a house of cards from the start.”
If the agency’s Twitter account is any indication, CENTCOM was totally unfazed. But according to Softpedia, "It’s worth noting that if the SEA has announced its intentions to attack the US Central Command, they probably already have some sort of access to the organization’s systems."
Hackers deface Russia Today with Nazi headlines
While some hacker groups will huff and puff threats through social media before attempting to blow its enemy over, others strike with no warning and then no one “officially” claims credit for the hack. On Saturday March 1, the website of the international Russian news network Russia Today was hacked. The unknown attackers primarily defaced RT.com headlines by replacing words like “Russia,” “Russians” or “military” with “Nazi.” Yet it wasn’t only headlines related to the conflict in Ukraine as Google cache also shows "Limit surveillance to ‘terrorist communication,’ says outgoing Nazi boss."
RT is “funded entirely by the government of the Russian Federation, and an alleged pro-Russian bias has made the outlet a target for those on the side of Ukraine." Business Insider added, “The attack on the pro-Kremlin news organization” came “less than 24 hours after the Russian parliament approved the use of military force in Ukraine's Crimea. The station's coverage of the situation has approvingly sided with Russian President Vladimir Putin on using troops in Crimea, who has said the military intervened to ‘protect the people’."
Other RT Nazi-defaced headlines included, "Nazi Navy flagship takes Russia’s side – report," “Russian senators vote to use stabilizing Nazi forces on Ukrainian territory,” “Thousands rally against ‘illegitimate govt’, raise Nazi flags in eastern Ukraine” and "up to 143,000 Nazis requested asylum in Russia in two weeks."
RT tweeted that it was aware hackers had cracked into admin access to deface the site. After about 30 minutes, the word “Nazi” was erased from all headlines.
Anonymous OpUkraine hacks Russian government and leaks digital dirt
Although Anonymous OpUkraine did not take credit for hacking RT, it has been busy attacking the Russian government and leaking OpRussia payloads on Pastebin, including crownservice.ru on March 1 and legalru.ru on March 2.
According to the hacker group:
Just to review what's been going on, we've now shut down the website of the Russian military, hacked more than 10 of their high-traffic websites -- including government sites, raped Putin with a barbed-wire stick, backdoored multiple government sites and kept a score of how many times we've owned Putin and how many times he hasn't owned us.
As there seems to be no light at the end of the Russia vs Ukraine tunnel, more hacks are likely.