The question we posed is relatively simple and based on certain facts: the extraordinary network system of activists and supporters, the existence of a real global network, their knowledge of sophisticated cryptographic systems and the know-how of the Syrian Electronic Army(one of the world’s best hacker networks).
I wrote about SEA in an article in “Unità” in 2013 when this organization was responsible for embedded attacks on Twitter and other western information sites. SEA, the Syrian Electronic Army, is armed with made-in Russia technology and training (they have a military base there) and exploits servers and connection systems throughout the ex-USSR republics. Officially the group was “autonomous” and financed by Makhlouf, the owner of SyriaTel and Bashar al-Assad’s cousin, who has an office in Dubai.
SEA’s main specialization appears to be mail-phishing software to gain control of PCs and carry out data theft in the constant search for identities to use for counter-information and new attacks. (The full article can be found here)
For a more comprehensive picture, we can be pretty sure that some ex-SEA members (tied to Assad) have joined fronts with another group of hackers known as Al-Nusra Electronic Army which already in 2013 was affiliated with the Al-Nusra rebel front which was presumed to be (and now we know for sure) a branch of Al-Qaeda and now of ISIS. Accused of the defacement of the Syrian Commission on Financial Markets and Securities, it had already operated against the Russian government in March.
Another group is the Aleppo Pirates which since 2013 has been operating in Turkey near the Syrian border. Founded by another ex-SEA member, it works in parallel with yet another group, the Falcons of Damascus.
These numerous cyber groups which are in some ways connected and often coordinated are widespread throughout the area and include the Yemen Hackers, the Muslim Hackers, the Arab Hackers For Free Palestine and the Syrian Hackers School. In addition, there are numerous names which are more like signatures or a mix up of members than really independent groups. The reasons for this are to differentiate the specific actions undertaken but maybe also to give the impression of an even larger number of activists. Examples are, Cyber Jihad Front, Hezbollah Cyber, Cyber Jihad Team, Mujahedeen Team and Memri Jttm, all of which can be traced back to the Cyber Caliphate.
Behind all these names lies a huge network of “indirect” financing which guarantees the availability of networks, technology and connections as well as land lines and some satellite access.