BBC Weather’s Twitter hacked by Syrian Electronic Army

The Syrian Electronic Army is a group of pro-Assad hackers, believed to have at least the tacit support of the Syrian government, that uses the Internet to protest against Syrian rebel supporters. “Over the past few months, their primary means of attack has been to overload the social networking profiles of government institutions and Western media outlets, flooding the Facebook pages of ABC News, the Telegraph, Oprah Winfrey, and the U.S. Department of Treasury with pro-Assad messages,” reported The Atlantic back in 2011 shortly after it too had been attacked.

Its primary purpose seems to be propaganda: attacking pro-rebel propaganda and delivering its own pro-Assad propaganda. On Thursday it used the highest profile of its targets, the BBC Weather Twitter account, to deliver a series of tasteless humorous tweets attacking various countries that support the rebels. “The good news,” comments Graham Cluley in the NakedSecurity blog, “is that the hack doesn't appear to have been done with the intention of spreading malicious links, or scams. Instead, it appears that the Syrian Electronic Army are trying to spread political messages about Syria instead.”

Tweets included, “Saudi weather station down due to a head on-collision with camel”; “Tsunami alert for Haifa. Residents are advised to return to Poland.” One tweet alludes to UK financing for the rebels: “Scandal: Edinburgh storm warning station decommissioned after maintenance fund diverted to arming Syrian opposition.” Another alludes to Turkish support for the rebels: “Hazardous fog warning for North Syria: Erdogan orders terrorist to launch chemical weapons at civilian areas.”

How the hackers gained the passwords to hijack the accounts is not yet known. “Whether the legitimate owners of the @BBCWeather account were phished, had their password cracked, or made the mistake of using the same password in multiple places isn't currently clear,” notes Cluley. He reminds users to employ “hard-to-guess, hard-to-crack, unique passwords for your online accounts that you are not using anywhere else on the web.”

Recovering a hijacked Twitter account shouldn’t be too difficult. If the victim still has access to the account, he or she can simply change the password to something new (and unique) via the ‘settings/password’ option under the gear icon. If the hackers have altered the password, recovery will take a little longer, via a password reset request. In both cases, however, it is also worth checking any third-party apps that are installed to make sure that nothing untoward has been added.

Cluley suggests that Twitter should consider offering “some additional levels of protection - such as two factor authentication.” David Gorodyansky, founder and CEO of AnchorFree, thinks the BBC should be more responsible itself. “The BBC, for its part, should be educating online users on how to protect their identity, not succumbing to the threats.”

