Podcast 12: SEA And The Power of State-Sponsored Hacking







In today’s digital-first world, where most of our lives unfold across a series of screens and keystrokes, the need to protect against ransomware has never been more pressing. It’s not just about securing data; it’s about safeguarding our daily routines, our privacy, and our peace of mind. With cyber threats evolving faster than ever, how can we keep our digital doors locked tight against the insidious creep of online bandits? The answer lies not just in robust cybersecurity solutions but also in staying informed, alert, and one step ahead.

In our latest episode of the Digital Desperados Podcast, we’ve spun a web of dark tales from the deepest corners of the internet—a space where the unwary find themselves outmaneuvered and outclassed by cybercriminal masterminds. But here’s the twist: while our tales may chill you to the bone, they’re also peppered with practical advice on how to protect against ransomware.

Join Jim Brangenberg, Patrick McMurphy, and Brad Hawkins, the founder and CEO of SaferNet Online, as they unravel a story that’s less about doom and gloom and more about empowering you to take charge of your digital safety. SaferNet.com isn’t just our sponsor; it’s your ally in the fight against cybercrime. Offering an easy-to-use cybersecurity app that provides VPN protection, internet controls, virus barriers, and a staggering 84 website filters, SaferNet stands as a bulwark against the relentless tide of digital threats.

So, buckle up as we dive into the murky waters of the Syrian Electronic Army’s cyber escapades, with stories that underscore the importance of cybersecurity without sending you running for the hills. Remember, knowledge is power, and by the end of this blog post, you’ll be armed with not just spine-tingling stories but the means to fortify your digital domain.

Transcript Begins:

Jim Brangenberg: Welcome to the Digital Desperados Podcast featuring Dark Tales from the Web. Patrick McMurphy is here today and he’s promised us that today’s Dark Tale will at least be a little fun. He’s joined by Brad Hawkins, founder and CEO of SaferNet Online at SaferNet. com. And I’m Jim Brangenberg and I’ll serve as your story guide. But I usually don’t know all the details of the stories until Patrick tells us that.

But remember that this is brought to you by SaferNet, because someone’s always watching you when you’re on the internet. How else would they know what to advertise on the side of your screen? That just is so freaky.

Get rid of that Amazon Echo in your office or in your home. Stay safe all of the places that you go with SaferNet. It’s easy. It’s an easy to use cyber security app that keeps businesses and families protected. Experience VPN. That’s a virtual private network, internet controls and virus protection, and 84 website filters for a distraction free productive online environment. SaferNet. com. That’s SaferNet. com

Patrick McMurphy, you have promised us that today’s story will be a little happier because the last one you, actually the last two guys, you killed off at the end. I hope this is better. Patrick, who do you have for us today?

Patrick McMurphy: No one dies here, but again, it depends on your definition of fun. But today we are talking about the Syrian , . Already doesn’t sound fun.

So the Syrian Electronic Army, also known as SEA. I may just refer to them as the Syrians because it’s a mouthful. So the Syrians, they’re a state sponsored hacker.

Jim Brangenberg: Now I think you better say it’s the Syrian Electronic Army or the Syrians will be calling us pretty soon about this podcast.


Patrick McMurphy: So the Electronic Army, they’re state sponsored hackers. And so what a state sponsored hacker is – so you have to understand. So every country that has a competent and large somewhat military, physical military, will have a digital version of it. Much smaller, but they’re called state sponsored

hackers. And normally what they will do in times of war, in times of warfare especially, they will destabilize the enemy state.

That’s their whole purpose. They’re just like a normal army, except it’s a load of nerds in the basement. So what makes the Syrian Electronic Army a little bit different is that they’re not focused on financial gain for their country. What they’re really focused on is propaganda and destabilization.

They are one of the most active state sponsored hackers in the world. They’re really just noted for their high frequency of attacks. As of January 2024, they’ve been involved in 35 major attacks receiving media attention and a lot of numerous minor ones. Now they were founded in 2011. If you guys can remember 2011, it was the Arab Spring.

And specifically in Syria’s case, it was the Syrian Civil War. They were founded to basically counter Syrian opposition narratives, as well as Western media, or anyone who attacked the Assad regime. These guys, I can’t understate this enough. They have a near religious level of loyalty to President Assad.

Assad, unlike a lot of other presidents, he has actually a very deep technical background. And he actually introduced the internet in Syria. He headed the Syrian Computer Society, which have been the country’s sole ISP. So these guys love Assad.

Brad Hawkins: So what do they do? Just attack people or countries that say anything bad about Syria? Is that the agenda?

Patrick McMurphy: Yeah, which is most of the world. The target board is quite big here.

Jim Brangenberg: But you have to look back. I’m not sure that Syria is a whole lot better since we started bashing Bashar al Assad back in 2011. Syria was a lot more stable before we started doing that.

Patrick McMurphy: True, and to be fair to Assad, he has outlived nearly all of his opponents, so he’s doing something in terms of their attack vectors, as in how they hack people. What they, their main two are phishing and spear phishing. They’re also known for DDOS attacks and deploying malware via phishing.

Jim Brangenberg: Alright, hang on, come on. We got people listening, they’re actually trying to have a good time.

Patrick McMurphy: I’m sorry, I’m reversing.

Jim Brangenberg: Okay, phishing versus spear phishing. I know what phishing is and I know what spear phishing is, but you’re not talking about either of those things.

Patrick McMurphy: Okay, let me take it from the top. So phishing is when you send out mass e mails to people being like, Hey, you should click this link because we’re your bank, or you have a package to collect. You click the link. It’s actually malware or something. You’re hacked.

Brad Hawkins: And what’s amazing about those emails that you get, they look completely legitimate. Absolutely completely legitimate. With the technology today, somebody can create an email that looks exactly like one of your vendors, one of your maybe your electric company or maybe your maybe your own personal company. You get an email from somebody that is in your company and you click on it and whoops, it’s a phishing.

Jim Brangenberg: Yes. But if you click on it and you have SaferNet, it says you don’t want to go here because that’s what my computer says.

Brad Hawkins: That’s what I love about what SaferNet does is it will block phishing attacks.

Jim Brangenberg: All right. So phishing versus spear phishing then.

Patrick McMurphy: Yeah, and so spear phishing is really what kind of Brad touched upon there at the end. Spear phishing is when you’re a hacker and you know your target, so you know this guy is in charge of this company so you’re going to pose as his maybe CFO or accountant or something similar and you email him being like hey boss can you sign off on these documents that are totally real but they’re not at all? And I suppose the last unknown I mentioned there were DDoS attacks and this is really when you have a network and it gets targeted all at once by a larger network of thousands of computers and so it brings the network down just through oversimulation effectively.

And so they’re really using a lot of the kind of common tricks found with most hacking groups. They also engage in less harmful activities, but they do that quite a bit in defacing media websites with pro Assad or pro Syria messages. That’s one of their mainstays. That’s their bread and butter.

Jim Brangenberg: I just, it’s important that we recognize and understand that, these people are out there. This is not a group that’s disbanded. This is a group that’s out there today. So we’re being cautious what we say here today, because we, Patrick hasn’t told us whether they’re black hat, gray hat, white hat, or red hat yet.

So we’re not sure where they’re at, but one thing we can assume is that if you had safenet.com on your, on all your devices, you got a better chance against these guys than if you didn’t. And SafeNet should be, you need a VPN.

You need website filters to protect yourself. You need antivirus and SaferNet is the solution. You should check out. It’s so easy to control for your whole company. Just check it out. Safe net.com.

Patrick McMurphy: So looking back at when the Electronic Army started, they were initially funded by a man by the name of Rami Makhlouf.

So Makhlouf is Assad’s cousin. He’s also a very prominent businessman. He owned the entire cell network in Syria. He operated all of them. It’s because his cousin is Assad basically. But Makhlouf and Assad had a falling out in 2020. Has gone missing permanently, shall we say? And the group has now been funded directly from Assad’s regime. So this is how tight these guys are.

Now, unlike other state sponsored hacking groups, which are full of shadows, you don’t know the members, a lot of the Electronic Army members are known, and in fact have been mentioned by Assad in speeches where he thanks them personally. If you look at the demographics of the Electronic Army members, it can be surprising.

So they’re predominantly Syrian as you can imagine. A lot of them live in Dubai, however, and this is a little bit troubling, recent years have seen the inclusion of first generation Syrian immigrants from countries like Germany and other countries within Europe that have a high population of Syrian migrants.

Brad Hawkins: Now, is this a little bit like we’ve seen the Russians going out and hiring black hat hackers that have gotten caught and somehow they, they end up not going to jail, they end up showing up in Russia doing some Russian work?

Patrick McMurphy: It’s more so that these guys remain operating in countries like Germany. So we’ll say that you’re the child of this first, of first generation

immigrants. The Syrian Electronic Army would reach out to you and convince you to work for them while you remain a good European citizen, quote unquote within your host country. So two of the most well known members currently are Ahmad Umar Ayka, he’s 22.

He’s known online as the pro. And Firas Dardar, 27 years of age, known online as the shadow. So they’re charged with quite a few things. Just for example, engaging in a hoax regarding a terrorist attack, attempting to cause mutiny of the U. S. armed forces, illicit possession of authentication features, access device fraud, unauthorized access to and damage of computers, and unlawful access to stored communications.

Just on the pro and the shadow alone, the FBI have a bounty of 100, 000. And that’s just two members. So you can see the level of people we’re dealing with here.

Jim Brangenberg: There was a presidential candidate that had a lot of those same things that that presidential candidate had done. So I’m not going to say any more, I just thought I’d say it.

Patrick McMurphy: I know another well known member, and this is what I touched upon a while ago, is Peter Romar. So Peter Romar was born in Germany to Syrian parents. He actually was extradited from Germany to the U. S. to face charges for, and I’m quoting here, a multi year criminal conspiracy to conduct computer intrusions against perceived detractors of President Assad, including media entities, the White House, and foreign governments. So these are serious guys we’re dealing with.

Wow. And the FBI chasing any of these people? They’re trying

to, not very well.

Jim Brangenberg: Not very well. All right. So are you worried about your online security? If they can’t see you, they can’t follow you. For online security look no further than SaferNet VPN, offers seamless protection for businesses.

Stay productive and safe with SaferNet. It’s easy to use app and robust internet filters. I love using them every day. Embrace cybersecurity without complexity. SaferNet, your guardian in the digital world. Sign up at SaferNet. com.

Patrick McMurphy: So the Syrian Electronic Army, these guys have five known attacks as we said, but look, there’s not the time in the day to go over

every single one of these attacks. So I’m just gonna, I’m gonna just list off a couple of those. So the big hacks on high profile universities in the U. S., including Harvard, University of California, they were basically defacing the websites to put pro Syrian propaganda on them.

Like I said earlier, they were always doing things like this. Even in 2012, if you guys logged into LinkedIn in 2012, you just got redirected to a pro Assad website.

Brad Hawkins: So just trying to drive a a message. They’re trying to deliver a message to the world?

Patrick McMurphy: Yeah it’s propaganda and chaos. For example, with chaos they, what they love doing is providing fake information to the media. For example, the Associated Press Twitter account a couple of years ago, falsely claimed the White House had been bombed and then President Obama injured. And because of that tweet there was a 136.5 billion decline in the value of the s and p that day.

Yeah. , these are serious guys.

Jim Brangenberg: I don’t remember that LinkedIn thing. I’m on LinkedIn all the time. I don’t ever remember getting a redirected because I would have remembered that. ’cause I’m on LinkedIn all the time.

Patrick McMurphy: Were you there 2012?

Jim Brangenberg: Oh, I’ve been on LinkedIn since the late 90s. Oh yeah, absolutely.

I’m thinking, one other thing I was thinking about, this is a political comment, but I’m not sure that the Syrians would need to hack into some of those big Ivy League universities anymore because they already agree with them. They got their own login now! .

Patrick McMurphy: And even without getting too political on it, if you look at the way these universities are leaning these days, and if you look at the work that the SEA have been doing for the last decade, you can actually start drawing connections in terms of spreading propaganda and things like that. It’s there plain as day.

Jim Brangenberg: And maybe they’re still doing it today with all the wars going on. It’s interesting.

Patrick McMurphy: Yeah. Yeah. And they also hacked the U. S. Marines websites. They changed all the text to appeal to American citizens that it would be morally incorrect to follow any orders from Washington that would harm Syria.

In terms of media websites and social media websites that have been hacked for propaganda or to spread chaos or just sent offline, I’m going to run through this list really quickly. I’m going to try not run out of breath. You’ll see how long it is. New York Times, Huffington Post, Sky News, ITV London, BBC News, Facebook, Forbes, Twitter, eBay, PayPal, Microsoft Office, Skype. The Sun, the Sunday Times, CNN, London Evening Standard, the Telegraph, NBC, and the National Hockey League, which I take a lot of offense to, as Brad can tell you, because I’m a rocket hockey fan. I’m actually stopping the list there, but it continues. These guys are just, they’re professionals.

Brad Hawkins: It’s another group of hackers or people that are probably really good at marketing. Oh yeah. Can you imagine the skill sets of these guys, if they would just do it in a right way, in a positive way, in a, in an encouraging way, you could, these people could make who knows how much money in just being an expert marketer. So we’re always looking for good marketers for SaferNet.

Jim Brangenberg: And in this case, and in this case, they’re not doing it for money. They’re doing it for an agenda, and they have succeeded in this, getting this agenda out there. We are living that today.

Patrick McMurphy: Yeah, absolutely. Absolutely.

And now in a more kind of blunt, and I suppose darker in terms of crimes that they’ve done, they’ve conducted a lot of surveillance that’s led to the identification and execution of Syrian Rebels and anyone who’s anti regime. So it’s not all just propaganda. People are seriously dying from this.

In the last 12 months, they’ve developed this new malware called Silverhawk. It’s on Android specifically. It’s targeting people who use WhatsApp, Signal, and Telegram. And so it, it sends it via phishing link on these messaging apps. It’s a spyware. So Silverhawk, it accesses your microphone, camera, contacts, messages, everything and sends all the information back to the Electronic Army.

So from their point of view, they are saying that they are fighting fabricated news, quote unquote, spread by the Arab and Western media on what is happening in Syria. And now a number of years ago, voice. com, which I think they’re actually, voice might be gone now, I was reading recently, but they had an, it got an interview with one of the members of the Syrian Electronic Army and I’ll quote him.

He said, we’re all Syrian youths who each have our specialized computer skills such as hacking and graphic design. Our mission is to defend our proud and beloved country, Syria, against a bloody media war that has been raged against our controlled media. Certain countries continue to publish lies and fabricate news about Syria.

So yeah, that is the Syrian Electronic Army, and they’re incredibly successful.

Brad Hawkins: Patrick, do you have any idea how many people are in the SEA?

Patrick McMurphy: I would say at least a thousand. These guys, if you look at some other bigger, some of the other country hacking groups, it’s normally crack squads of 20 guys.

But these guys truly are an army. These guys, these are regimented guys. It’s, they’re pledging. It’s a culture war is what they’re getting involved in in a lot of ways as well, and they’re being quite successful out of it.

Brad Hawkins: Oh, yeah, that’s exactly right. They, truly, they have been very successful. They have influenced the world in regards to how they’re viewed.

Jim Brangenberg: Yeah. You have to wonder, what is it that they’re saying that is true? That we don’t know? Some of what they say may be true, may not be true, but what is it that they’re saying that’s true that we don’t know because our own media won’t cover it? That’s a story for another day.

Just remember that you heard it here – the internet and everything digital does have a dark side and it has many dark players. Sometimes a thousand of em in one army. It’s why you need SaferNet by your side with their VPN, their antivirus and website filters and their controls.

It’s just, it’s so powerful. Thanks to SaferNet for supporting our efforts to bring these stories to your ears. A little spooked out today. I don’t know if that really

qualified as a fun story, Patrick. I think you blew that deal. Next time we want laughter on the show!

For your own safety and security and the security of those you love and you work with, check out SaferNet. com and get secured today. Until the next time, click only on the news sites that you know will provide the truth and aren’t being influenced by an army. And for those links that you get sent from the people that you think are maybe your co workers, only click on the links of, from, and the documents of people that you know and trust and make sure that they actually sent it to you or you might become the victim of a digital desperado.


Transcript Ends.


As we log off from this latest digital odyssey, it’s clear that the shadowy realms of cybercrime are no match for the empowered, informed, and vigilant netizen. The stories shared in today’s episode aren’t just tales of cyber woes; they’re potent reminders that in the age of information, the best defense is a good offense. Protecting against ransomware isn’t a one-time deal—it’s a commitment to continuous vigilance and education.

At SaferNet.com, the commitment to your online safety never wavers. Like a digital guardian angel, SaferNet’s suite of tools works tirelessly to shield you from the omnipresent threats that lurk behind every virtual corner. Whether it’s securing your data against the siege of ransomware or ensuring your online experience is as clean as a whistle, SaferNet’s cybersecurity app is your steadfast protector.

Remember, every click counts, and with SaferNet by your side, each click leads to a safer, more secure digital landscape. Don’t let your guard down—fortify your defenses, educate your loved ones, and let’s create a cyber-safe community together. Until next time, keep your software updated, your passwords complex, and your digital footprint minimal. Stay savvy, stay secure, and above all, stay safe.

Check out SaferNet.com to not just protect against ransomware but to become a champion of your own cyber sanctuary. Because when it comes to the digital desperadoes, the best victory is the one where you never see them coming.