x Abu Dhabi, UAE Thursday 20 July 2017

Why Syria’s cyber attack on Qatar was relatively low-risk

Malicious hackers can operate from anywhere. Most governments want to stop them; but what about the states that encourage them?

The disruption to most of Qatar’s online presence last month deserves attention, especially in terms of internet governance and cyber security. Unleashing an army, albeit a digital one, against another country’s infrastructure is no minor incident.

The event, which lasted for several hours, was marked by a tweet stating “Qatar is #down”, and posted deep in the night of October 19 by a group calling itself the Syrian Electronic Army (SEA).

In the following few hours, the majority of Qatari government agencies’ websites were either unavailable or featured pictures of Bashar Al Assad. 

But why would Mr Al Assad’s forces launch such an attack?

Qatar may be severely at odds with his regime, but that does not especially mark the country out from a significant part of the rest of the international community.

The attack raises questions about whether international cybercrime laws are able to deal with such threats. Politically motivated attacks have increased in recent months and involve greater amounts of skill and coordination.

How a government responds to such threats will define its reputation as a cyber power and, to a lesser extent, its standing in the international community. 

The SEA is not an innocent group. To date, it has launched numerous attacks against targets in the United States and United Kingdom, including the false reports that sprang up earlier this year about the White House being bombed and about Barack Obama sustaining injuries.

Separately, the SEA has also hacked a number of media organisations including Reuters, Associated Press, the New York Times, Al Jazeera and Twitter.

FireEye, a global network security company, notes that the SEA attacks are significant because they give Syrian intelligence access to the communications of millions of people, including political activists within Syria, who might then be targeted for espionage, intimidation, and arrest.

Mr Al Assad’s regime will also be aware that dabbling in cyber warfare does not constitute a significant additional risk to a regime already facing serial threats.

But how far can a state nurture cyber attacks without assuming responsibility for them?

Despite some latitude regarding the legal interpretation over the extent to which governments are held responsible for cyber incidents launched within their borders, responsibility does exist for attacks directed or controlled by state organisations or those that are carried out in the absence of official authorities.

What happens next will also be instructive. In theory, Syria needs to take a stance on the significant cyber force emerging in their jurisdiction. In practice it won’t. The regime will undoubtedly deem other matters as far more pressing than hackers operating within its borders, particularly those who may have carried out the attack with Mr Al Assad’s knowledge.

Qatar, meanwhile, has an opportunity to assert itself as a serious international player.

The Gulf state will be well aware that how countries manage to sustain their information society, internet economy and security of their information-technology systems, often defines perceptions of them on the landscape of international cyber security.

Eneken Tikk-Ringas is the Bahrain-based Senior Fellow for Cyber Security at the International Institute for Strategic Studies