Article Lead Image

#OpSyria explains the motivation behind a major new hack

A member of #OpSyria speaks out about what the hacking operation against the Syrian government is trying to accomplish.

 

Lorraine Murphy

Internet Culture

Posted on Oct 23, 2013   Updated on Jun 1, 2021, 3:33 am CDT

The U.S. is not at war with Syria. But Anonymous, the international hacktivist collective, is. Or rather, part of it is. And now those participating in #OpSyria have claimed their third major victory.

First the hackers took down site after government site, exposing the Syrian government’s lack of operational security. Then they hacked into official databases, nabbing some embarrassing information, including the widespread use of American-owned Hotmail accounts among government employees. They dithered on releasing the names of members of the Syrian Electronic Army, which has compromised several notable news organizations in apparent allegiance to Syrian President Bashar al-Assad, including the New York Times, the Washington Post, the Onion, and the Daily Dot

#OpSyria published a press release on Pastebin Wednesday morning, heralding its newest, and rather enormous, hack of a government website. This time it was the Higher Commission for Scientific Research, and while the website is still up, it has indeed been compromised. There appears to be a significant amount of data in the file, although the hackers admit that some of it is dated. There are, for example, no email accounts newer than 2012.

We spoke to AnonOkapi, a member of the #OpSyria team, via Skype to get an idea of how it all went down.

What’s actually in the files you got? What’s important?

The best stuff is just the user database, email file, network map and database info. All the other files are things we just leeched in .rar from a hidden index on the site. 

Why?

This time we did it for two things. Last time it was “The people of Syria” and “the lulz” It’s: “Top” and “Lel.” In that order, of course. XD [This is a reference to the fact that Anonymous got top level access, fooling the site into thinking they were the site manager.]

What’s your part in OpSyria?

I’m not really a spokesperson. Merely an operative from within AnonOps. My actions and words don’t represent that of the entirety of Anonymous or #OpSyria. Just the hack I directed or took part in. 

How many people were involved in this particular hack?

This one was a three-man operation: one of our guys found the vulnerability, I downloaded and organized things, one cracked hashes [broke the encryption on the files]. It was a good group in a very dedicated work chan [an IRC chat room for collaborating on an Op].

How long did it take you, from deciding to do something, to identifying the vulnerability, to getting all the files?

Less than 12 hours until everything was ready. That included sleeping. So the whole hack probably took a few hours all together. [It took] about an hour or so [to find the security hole]. We went looking for vulns [vulnerabilities] and stumbled across the hidden index [essentially a map to the entire site contents] after a successful SQLi [SQL injection, an attack which inputs code into a vulnerable sign-up or contact form] which gave us users/passes. We cracked the manager password and got in.

Was it you who took down SEA.sy, the Syrian Electronic Army site?

No that one wasn’t us. We were alerted to it though. Cool. We always like when the SEA gets as mad as possible.

Ultimately, what do you want from #OpSyria? What effect do you want it to have?

We want to work against the Syrian Regime as much as we possibly can. We support the people of Syria because they have been oppressed by a powerful despot with criminal actions and illegal weaponry. If we can show just one or two Syrians out there that Anonymous has their back in this fight, we’ll be happy. The end result is hardly an end at all. It’s an ongoing battle in activism circles like this. If some countries won’t take appropriate action against Assad’s chemical weapons and his government in its entirety, Anonymous will look for any way it can to promote action on the cyber front.

We have multiple Arab Spring and Middle East-based operations that work for the same purpose to fight those powerful regimes in the region. AnonOps isn’t technically all of Anonymous. So I can’t speak for anybody else or any other group of activists out there. As far as I’m personally aware, however, #OpSyria focuses on fighting Assad’s regime while operations like #OpIran work for a similar cause.

We turned our attention to the SEA back in September for a short while because they allegedly said fighting words against what Anonymous was doing. In the end we realized that the SEA is merely a small distraction that hasn’t much power at all. They hijack twitter feeds and news networks… the regime kills thousands of innocent women and children. We set our priorities. Now if we target the SEA, we do it as an after-thought for a little bit of “lol take that, noobs.”

The FBI has them on its most wanted list. If they’re like Anonymous, they won’t be too heavily alarmed by that. But they aren’t. They’re a small, organized group grabbing press attention under an organized and tight banner. They will eventually quit or get owned for what they’re doing. And when they do, we’ll just chuckle and move on. The regime is a much more high-priority target in #OpSyria.

How do you think you’re doing with that? What will the effect of today’s hack be in the Presidential Palace? 

Ultimately the hacks don’t seem to cause the biggest stir. Many countries are used to multiple cyber attacks, but it sends a message to the people reading the news. We are doing a lot of things for #OpSyria, not just hacking. Our IRCs have had documents translated into English originating in Arabic that explain how to treat chemical injuries. Others are also doing a lot of very important work. Our Op team (those with channel rank in the channel) is organizing something very effective that spreads information and has launched OpSyria’s website at AnonOps.

What do you think it would take to get Anonymous to wind down #OpSyria. 

The most important thing we can do for Anonymous is spread information to the Syrian people about how to treat injuries they may sustain. The cyber attacks are simply a message. We are watching, we are acting and we are standing with the people of Syria forever.

Ultimately #OpSyria would be effective as a victory if Assad stepped down, the people voted democratically and they didn’t need to feel afraid of walking down the street everyday. No human being should be in a situation where they can’t be sure their child won’t be shot by an AK47 in the middle of a civil war gunfight on his way home from school. We would also like more human rights responses in the region. If the U.N. could get food, water, supplies, aid and so forth to the people in the country, we would be eternally grateful. 

It’s a very humanitarian-based operation.

Photo via Foreign and Commonwealth Office/Flickr

Share this article
*First Published: Oct 23, 2013, 9:05 pm CDT