The Syrian Electronic Army, a loosely defined collective of hackers supporting the mass-murdering regime of Syrian president Bashar al-Assad, are known for disrupting the social-media operations of news outlets, activists, and human rights groups. Over the weekend, the army found itself a new target: pop icon Justin Bieber and his devout fanbase of "Beliebers."
On Saturday, somebody claiming to be an SEA member hacked the Twitter account of the entertainment news outlet E! Online and sent out the following tweets:
Nearly an hour after that first tweet, the Assad-loyalist hacker sent this from the E! house account:
The phony tweets also contained links that reportedly directed followers to malware downloads or other damaging websites. As a result, the E! Online Twitter account was briefly suspended. "Eonline's breaking news twitter and sms accounts were compromised today," an NBCUniversal spokesperson said in a statement. "We're working to have this resolved as quickly as possible and are fully investigating the incident. We apologize for any confusion that the erroneous news alerts may have caused." (Justin Bieber and his publicist did not respond to multiple requests for comment.)
So why did the SEA target Justin Bieber and his adoring fans? Or Spring Breakers star Selena Gomez or Angelina Jolie, for that matter?
"The SEA seeks publicity by claiming political significance to otherwise non-political websites, and targeting these web sites because they are simply vulnerable opportunities," Helmi Noman, senior researcher at University of Toronto's the Citizen Lab (and a leading expert on the Syrian Electronic Army), wrote in an email to Mother Jones. "The SEA has defaced websites that it describes as hostile to the Syrian regime when the websites are nothing but online businesses or personal websites which have nothing to do with the politics of the region. Also, the SEA likes media attention and to stay relevant. Compromising the E! Online Twitter account comes in this context." These efforts to stay relevant have also included hacking the Onion's Twitter feed on Monday, apparently.
SEA isn't the only hacker collective supporting the Assad regime—another group, the MAF Battalion, has its own mischievous web operations, some of which target the Turkish government. (Turkish Prime Minister Recep Tayyip Erdoğan has been highly critical of Assad). But SEA is the most well known of the groups. SEA gained significant media attention in April for hacking CBS News Twitter accounts and pumping out authoritarian, anti-American propaganda; this was widely believed to be retaliation for the State Department's announcement that the United States would double nonlethal assistance to the Syrian opposition and provide new humanitarian aid.
Another prank occurred in March, when SEA successfully attacked the website of Human Rights Watch. According to those who were at HRW during the incident, it wasn't exactly a technical marvel. "I don't want to say it was a minor [incident], but it was not a sophisticated attack," Emma Daly, communications director at HRW, told Mother Jones. "[Whoever did it] obviously didn't like our reporting on Syria."
SEA's activities within Syria aren't as easy to laugh off. Pro-regime hackers routinely go after protesters and cyber dissidents who live under a near-constant threat of death. "Hijacking Twitter accounts qualifies as a weapon of mass annoyance," Martin Libicki, an expert in cyberwar and senior management scientist at the RAND Corporation, says. "But if they hack into the computers of Syrian dissidents, that's what's serious, because people die." (Along with the indiscriminate killing, the Assad government has been accused of compiling extensive hit lists.)
When SEA directs its ire at American media, the consequences are decidedly less severe. "We're not exactly dealing with the world's most mature individuals," Libicki continues. "We see a prank, and [the SEA hacker] might say, 'We've struck a blow to the American colossus!'"
Still, at least one Syria-connected hack attack on Western media outlets has had serious real-world consequences. In April, SEA used the Associated Press Twitter account to send out a tweet falsely claiming that two explosions had rocked the White House and that President Obama had been injured. That one message destabilized American financial markets.