Attacks on Syrian official websites have become an almost daily occurrence, with the identity of the perpetrators and the amount of information leaked remaining unclear, writes Bassel Oudat in Damascus Attacks by hackers on Syrian government websites have become an issue of concern in Damascus, especially since it is believed that many of those responsible are amateurs, raising questions about the apparent ease with which such hacking can occur. Not only have questions been raised about the security of official websites, but observers are also asking how much confidential data may already have been lost as a result of the attacks. Experts believe that the frequency with which Syrian government websites are attacked has been multiplying on a yearly basis, threatening the security of government databases. While the identity of the hackers is unknown, as are their motives in attacking the sites, observers say that "enemies of the state", "hired hands", or "mischievous elements" have thus far been blamed for the attacks. While hacking the websites does not usually result in any disruption to the site, with messages being sent only to a target audience, the nature of the information leaked and its destination cannot be verified. Many Syrian government Websites that have been hacked into recovered within hours, though others have taken some time to repair. Ironically, the sites of the Syrian Scientific Company for Information Technology, one of the country's Internet service providers, and of the Syrian Telecommunications Institution, overseer of Syria's Internet network, have been targeted by hackers. In an incident a few days ago, hackers were able to hack into the website of the Syrian Ministry of Interior, leaving a message in colloquial Arabic addressed to the minister and Syrian people. In the message, the hackers apologised for hacking into the Website, saying that they aimed to show that it was not secure. The minister should "appoint the right person to the right post," the message said. In a statement, Syrian Minister of Interior Said Samur made light of the incident, saying that "none of the functions of the site were affected" and calling the hacking "electronic mischief" that aimed "to undermine those working on the site". Last week, hackers also penetrated the site of the Syrian ministry of religious endowments, leaving a message warning of weak security on the site and signaling the ease with which it could be attacked. Last month, a young Syrian expatriate, indicated by the message left on the site, successfully hacked into the site of the Public Institute for Road Transportation, a body affiliated to the ministry of transport. The hacker, who declared himself to be "Syria's hawk," did not harm the site, but he did call for attention to be paid to the needs of Syria's younger generations. He also apologised for hacking into the site "without permission." This attack came less than a month after a similar attack on the site of Damascus University. In a message left on the site, the hackers wrote, "stop wasting our time and teach us something useful," indicating that those responsible may have been disaffected students. The website of the Syrian pharmaceutical company Tamico was also attacked, with obscene messages being left on it in Arabic. Observers have speculated that the attack may have been connected to a financial dispute, or that it may have been part of a conflict between Tamico, a state-owned manufacturer, and private pharmaceutical laboratories. Hackers have penetrated the sites of many Syrian ministries and state service providers, including the site of the Ministry of Telecommunications, where hackers left a message demanding that the cost of mobile phone use be slashed and an end to the monopoly on mobile phone services. On the Ministry of Electricity's site, hackers called for a cut in electricity bills and for better service, and on the site of the Ministry of Higher Education they urged improved higher education in Syria. Other websites attacked include those of the Ministry of Health, the School of Dentistry at Aleppo University, the Damascus Opera House, the Al-Baath newspaper, and the postal service, among others. However, probably the most embarrassing attack thus far took place two years ago in 2008, when the site of the official Syrian news agency SANA was attacked on the day the Arab summit opened in Damascus. The site was frozen throughout the summit's inaugural ceremony, though it was restored some hours later. No one admitted responsibility for the 2008 attack, though websites close to the government accused Arab parties who had not participated in the summit of hacking into SANA's website in order to prevent reporting on the gathering. Official Syrian websites have been spanned on various occasions from unknown sources, with a flood of fictitious requests being sent to the sites with the intention of overloading servers and preventing them from responding to the needs of real users. Also some years ago, websites belonging to the government and private sector were attacked simultaneously, with hackers demanding that Vice- President Farouk Al-Sharea apologise for criticising Saudi monarch King Abdullah bin Abdel-Aziz. In a statement made at the time, Damascus said that the hackers were Saudi Arabians who aimed to manipulate political differences between the two countries. Hackers have not only targeted websites inside Syria, but have also targeted those based beyond its borders. The sites of some Syrian embassies abroad have been attacked, causing them to crash for days at a time. An attack on the site of the Syrian embassy in London proved devastating, the hackers infecting it with a virus that wrecked the site. Syrian opposition sources claimed at the time that the "virus" had in fact been spyware left on the computers of visitors to the site and installed by the embassy itself. In some of the attacks on the official sites, the hackers have merely left humorous notes, such as "please review your information before the entire site is attacked," or "we are peaceful hackers and mean no harm." Yet, humorous or not, Syrians have been left wondering about the level of security on the government sites and the identity of the hackers. Questions have been raised about the security of databases on government sites and on sites belonging to the country's civilian and military institutions and regime. Experts say that security on Syrian government websites is below world standards, which they explain by pointing to the comparatively underdeveloped nature of the Internet in Syria, the lack of expertise of Webmasters, and the cooperation of US software companies with hackers as a result of the sanctions regime against Syria. The Syrian network as a whole is vulnerable to hacking, experts say, and it could be entirely paralysed if it does not adopt newer technology and better protection. While hackers attack websites the world over, thus far it has only been in Syria that official and government sites have been specifically targeted, raising the question of how exposed Syrian databases may be to Israeli attack.
