“Breaking: Two Explosions in the White House and Barack Obama is injured.”
The tweet from the Associated Press’ Twitter account on April 23rd looked suspicious. It wasn’t written in the trademark style ubiquitous among anything branded with the AP’s logo. It was sent direct from the Twitter website. It didn’t use “BREAKING” and wasn’t signed with initials. Within minutes, it was debunked by several AP staffers on Twitter.
Still it sent the Dow Jones into a flash fall, with the index dropping more than 100 points before recovering. It also a disclaimer from an Associated Press employee at that day’s White House press briefing that their Twitter account had been compromised.
That kind of attention is exactly what the hackers wanted. They call themselves the Syrian Electronic Army, a group of four young students angered by what they consider is the spread of misinformation and lies by foreign news organizations. To date, the group has claimed attacks on nearly a dozen Twitter accounts and at least two blogging platforms belonging to western news organizations — all in the name of defending their homeland.
Recently I interviewed two members of the Syrian Electronic Army: “Th3Pr0,” who calls himself one of the leaders of the group and “Shadow,” who is said to have been responsible for a recent phishing attack on the Twitter account of the satirical news site The Onion. What follows is a slightly edited transcript of my conversation. Punctuation and capitalization were added in some places, and some text was removed to protect privacy [noted in brackets].
Matthew Keys: You call yourself “Th3Pr0.” Would you say you’re the leader, or a leader, of the Syrian Electronic Army?
Th3Pr0: A leader. Not the leader.
MK: Where are you based?
TP: I’m in Syria.
MK: You describe yourself as an “army.” How many people are part of the SEA?
TP: We have many members, and they are all part of the Army. You can say hundreds, thousands. Many Syrians joined us since the beginning on social media pages / accounts.
MK: How many people in the SEA are directly responsible for the attacks on websites and Twitter accounts though?
TP: Four hackers.
MK: Are you one of the four hackers?
MK: How many Twitter accounts belonging to news organizations have you compromised? Which ones do you claim responsibility?
TP: Al Jazeera, Al Arabiya, CBS, AP, AFP, EOnline, Guardian. Also FIFA, Qatar Foundation, but (they’re) not news organizations, you know. BBC, NPR too. Deutsche Welle. France 24. You can say 11 news organizations.
MK: The Onion published a report a few days ago detailing how they think you were able to compromise their account. It involved sending bogus emails with phishing links. Is that the method you’ve been using? Do you have any other methods?
TP: That’s one of our methods, but not the only one. We use multi-methods. But that method was very useful on The Onion. We hacked the head of IT on their company, and we take full control of their mail system. Sure they will not say that :)
MK: Who is the head of IT for The Onion?
TP: I think his email is [email]. I’m not sure about the name. [After doing a search on the email address, I came across a name. The name wasn't associated with anyone who worked for The Onion's IT department. I sent the name to Th3Pr0.] I’m not sure about the name really. My friend The Shadow did the attack, so I don’t have much details, but he gained access to their mail system panel and changed the password of the email that is linked to all their Twitter accounts.
MK: Do you still have access to The Onion’s Twitter accounts or email system?
MK: Do you still have access to the Twitter accounts of any of the news organizations you phished?
MK: Why is the Syrian Electronic Army targeting western news organizations?
[At this point in the conversation, "Th3Pr0" says he has to go and refers me to another member of the SEA. This member uses the moniker "Shadow." He is, according to "Th3Pr0," responsible for the attack on The Onion's Twitter account. I ask him the same question.]
Shadow: We are targeting who publishes something bad about Syria. Like news unfounded, fabricated, forged.
MK: The Onion isn’t a legitimate news organization. They’re satire, they make fun of the news. So why target them?
Shadow: We have a specific task, spread truth on Internet.
MK: But many of the tweets you send don’t contain truth. The tweet sent on the AP account talked about explosions at the White House that didn’t happen. The tweet on E’s account talked about a pop star’s sexuality. How do those tweets fit in with the SEA’s mission of spreading truth?
Shadow: That is normal. America is the enemy of us, so we had to make a damage to our enemies. United States supporting terrorism in Syria. We had to respond to these acts, so we know that this tweet will be a big mess in the United States.
MK: Last year, some blogs were changed on the Reuters website. The messages seemed to be very pro-Syria. Was the Syrian Electronic Army responsible for that? If not, do you know who is?
Shadow: Yes, we are responsible for this attack.
MK: It seems the Syrian Electronic Army has claimed responsibility for many of the attacks on Twitter. Why did the SEA not claim the attack on the Reuters blogs?
Shadow: Because Reuters distorting the facts so we also publish the mess in this network with the deployment of some of the facts on the ground without fraud. But we have announced for this attack on the Facebook page. [I asked Shadow to link me to the Facebook page. Shadow told me the page had been removed. Shadow says their social media profiles are routinely disabled, which prompts them to make new ones.]
MK: The email address you use on your website has been found on at least two documents on the website Wikileaks. How do you explain that?
Shadow: Do you trust what Wikileaks publish that US-backed?
MK: I’m just asking questions. The email address is found on at least two emails published by Wikileaks dating back to early 2012. I was just wondering if you knew anything about that.
Shadow: [Shadow asked me for the links to the Wikileaks emails. I sent him two links. He examined them for a few minutes. He sent me an address listed in one of the emails and asked me who it was. I told him I didn't know.] America’s enemy for us. It is natural that is trying to tarnish our reputation. You say that we are backed by the government because of — there are people who sent us a message and knowing that this person is not from the government. My question to you, how can you say that we are backed by the government once someone sent us an email which is not a government of course?
MK: I’m not saying you are backed by the government. I was asking if you were. I’m not accusing you of anything, just asking questions.
Shadow: Well, I’ve answer. We are not backed by any one.
MK: What message are you trying to send by hacking into Twitter accounts and emails?
Shadow: What really going on the ground in Syria and the defense of our homeland.
MK: But you don’t seem to be getting that message across when you hack into Twitter accounts. Instead you seem to want to try to cause damage.
Shadow: Damage to our enemies is defend to our land.
MK: Let’s talk about the four of you. Who are you? Are you students? Professionals? Do you live in the same area?
Shadow: We are university and schools students. Each of us live in the area in Syria and not in one area.
MK: How do you four know each other? Where did you meet?
Shadow: Before the crisis we did not know each other. During the crisis we got on each other on internet and agreed that the defense of the homeland is our duty.
MK: How did you four meet? Facebook? IRC? Something else?
Shadow: FB at the beginning and then we communicated with each other by phone. Then we met each other.
MK: You four met in person?
MK: Do you four regularly meet with each other?
Shadow: Not regularly. When we’ve had the opportunity.
MK: The Syrian Electronic Army has taken issue with how things are reported in the western media. Do you and your team believe in a free and open press?
Shadow: After witnessed in Syria, we believe that most of the media organizations are politicized.
MK: Do you feel western journalists should be allowed to report from Syria? And how do you feel about the western journalists who were able to gain access to Syria and were later killed in the line of duty?
Shadow: The journalists who have been killed in Syria should have to enter Syrian territory legally not by stealth and I think it allowed many of the media to enter Syria to submit their report and the proofs of this are many.
MK: But western journalists can’t legally enter Syria to report on the news. Do you feel they should be allowed to enter legally?
Shadow: A specific journalists. Not everyone.
MK: Who would be specific?
Shadow: I can not decide.
MK: Your concern is that western journalists aren’t telling the truth about Syria. But foreign journalists can’t report from inside Syria without being smuggled in or some other means. Do you feel if foreign journalists would be allowed to report from inside Syria the information they’d gather would be more accurate?
Shadow: I think so, but with the knowledge of the Syrian government.
MK: So you do not support the Syrian government’s ban on foreign journalists?
Shadow: Government may have another vision. I can’t support and also I can’t unsupport.
MK: What’s next for the SEA?
Shadow: Expect anything.