This week, the Syrian Electronic Army (SEA) 'hacked' the United States Marine Corps (USMC) recruitment website, marines.com. Instead of being able to access the regular website content; information on joining the marines, life as a marine, plaudits and awards of serving and retired marine soldiers and the current operations of the marine corps, visitors were greeted by a page of text, allegedly from forces loyal to the Assad regime. The message was simple; American intervention in the Syrian civil war is not welcome.
Worse than that, however, the website contained images of alleged active duty United States military personnel in uniform, holding signs that stated they did not wish to be involved in a Syrian conflict. Most cited that by working with the rebels, American forces would be directly supporting Al-Qaeda.
A screenshot from the defaced website can be found below.
Of course, the vandalism was soon spotted and fixed, and the USMC website is back to normal, because the USMC is a strong, technologically savvy military force – and because the “hackers” really didn't do too much damage at all.
This xkcd comic represents exactly what happens when websites are defaced like this:
These types of cyberattacks are common. They are cheap to carry out and can be done fairly easily. On the other hand, they are usually very easy to fix. If we return to xkcd's poster metaphor, all that is required to hide one vandalised poster is to put another one up. Cover up the vandalism, and allow those who are interested to access your content again.
These attacks, however, are unlikely to be put off by the ease to which their hard work is mitigated. These attacks are often considered to be very successful due to the high numbers of individuals that come across their work. In academic circles, we often speak about the theatre of terrorism. The theatre of terrorism is the way in which terrorist groups and individuals plan their attacks in order to be seen. They count on 24/7 news coverage, on broadsheet analysis, on live footage broadcast from ground zero. In addition to being an act of horrific violence, terrorist acts are theatrical in nature, designed to draw the eye of the worlds media, keep citizens glued to the television as the news develops and provide the terrorist group with a platform from which to disseminate their message and gain further recruits.
These website defacements are, in my opinion, the continuation of theatrical terrorism in the online domain. Within moments, news outlets had reported that marines.com had been hacked, online message boards had begun discussions and academics like myself started to take notes. We have all been drawn towards the theatrics of this attack.
But, of course, the SEA's defacement of marines.com can't be terrorism. Terrorism results in loss of life and damage to property. It is the use (or the threat thereof) of force against a civilian population in order to coerce a government into changing its policies in the name of a political, ideological, religious or racial goal. Or, at least, it is according to the United Kingdom's Terrorism Act 2000. Over the course of this cyberattack, nobody has died, and no property has been damaged in a meaningful way.
How, then, does a cyberattack become cyberterrorism? I hope that future blog posts will come a short way in addressing part of this massive question.
And, of course, before I close this blog, I should point out the sheer irony of discussing how the goal of the SEA's defacement was to get people talking about their attack. I seem to have fallen rather neatly into their plans. Perhaps it wasn't so unsophisticated an attack after all.