MELISSA BLOCK, HOST:
You may have noticed that The New York Times' website was knocked offline yesterday. The Syrian Electronic Army, a group that supports Syrian President Bashar al-Assad, claimed responsibility for the action. The hacktivists, as such groups are known, have launched a series of high profile attacks this year.
NPR's Steve Henn tells us what's known and what's not about the Syrian Electronic Army.
STEVE HENN, BYLINE: In the last six months, the Syrian Electronic Army has targeted NPR, the AP, Reuters, Harvard, the White House, The Washington Post, and now, The New York Times.
KENNETH GEERS: They have achieved numerous tangible successes on the cyber battlefield, the depth and the breadth of which indicate some level of state sponsorship.
HENN: Kenneth Geers is at the IT security firm FireEye. Previously, Geers worked for the Naval Criminal Investigative Service and the NSA. And he points out that not all of the Syrian Electronic Army's attacks have focused on media companies or propaganda.
GEERS: A couple of weeks ago, they took down three very large online telecommunications websites that could give Syrian intelligence access to many, many people that they would be looking for.
HENN: The precise role the group plays isn't clear but there are signs of its connection to the Assad regime. The Syrian Electronic Army's official website was registered by the Syrian Computer Society. In the late '80s and '90s, before he entered politics, Bashar al-Assad served as the society's president. But there's still debate in the security community about whether or not this group is really more of a loosely affiliated group of online hacktivists, kind of like a pro-Assad version of Anonymous.
In most of the group's attacks the hackers have tried to trick their targets into handing over their sign-in information on sensitive, protected accounts.
MIKE CONVERTINE: Credential stealing is not exactly the pinnacle of skill.
HENN: Mike Convertino is a security expert CrowdStrike and a former Air force colonel. Convertino says what's even more telling is what the group does once it gets inside a system. Typically it tries to take down a website or post pro-Assad messages.
CONVERTINE: This tends not to be the kind of thing that governments do.
HENN: Instead, he says, sophisticated state actors would be more likely work to gain more access and then gather intelligence. If they compromised a news organization's email accounts they'd start searching for opposition sources in Syria.
CONVERTINE: Absolutely, you would use those accesses to reporters if you had dissidents that you were worried about, to track the dissidents.
HENN: Yesterday's attack, which knocked The New York Times website offline, didn't infiltrate The Times' servers themselves. Instead it attacked the system that routes Internet traffic around the globe. In effect, hackers took control of The New York Times domain name, www.nytimes.com, and rerouted traffic to a site they controlled.
Attacks like that probably don't help the Assad regime on the ground but they're dramatic. And yesterday, they gave the Syrian Electronic Army a propaganda victory, as the U.S. and its allies make the case for armed strikes.
Steve Henn, NPR News, Silicon Valley.
NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.