A computer user claiming to be a leading member of the Syrian Electronic Army, a pro-Assad hacking collective, said late Wednesday that his group "may" retaliate against a U.S. military strike with their own cyber assaults targeting the U.S. economy.
The group has taken responsibility for a number of high-profile, if relatively unsophisticated, attacks on major American media organizations including The Associated Press, The Washington Post and, most recently, an attack on The New York Times that brought down the historic newspaper's website for hours earlier this week.
"When we hacked media we do not destroy the site but only publish on it if possible, or publish an article [that] contains the truth of what is happening in Syria," the alleged member, who goes by SEA The Shadow online, told ABC News in an email exchange late Wednesday. "So if the USA launch attack on Syria we may use methods of causing harm, both for the U.S. economy or other."
"All American sites will be our targets and we may be more destructive," the hacker said.
Cyber security experts said it's unclear what danger the SEA actually poses, as their attacks so far have been disruptive to the news organizations but have caused little lasting damage. Even in the case where the SEA took over the AP's Twitter account, falsely announced explosions at the White House and caused the Dow Jones Industrial Average to drop nearly 150 points, the market quickly recovered.
"I think they will retaliate and I think they will do some disruption," former White House counter-terrorism advisor, cyber security expert and ABC News consultant Richard Clarke said. "[But] they haven't done anything that I've seen that involves sophisticated... malware."
"Of course it depends on whether or not they have stuff in reserve that they've been holding, who is helping them and how much money they're willing to spend to get help," Clarke said, referring to suspicions that the group could be supported by the Syrian government or by Iran and to the thriving black market for high-level malware. SEA The Shadow has denied his organization is supported or funded by the Syrian or Iranian governments.
Clarke doubted the group, with the capabilities they've shown, could significantly damage the U.S. financial system or pose much of a threat to U.S. military operations in the region or critical infrastructure back home.
Shawn Henry, former Executive Assistant Director for the FBI's Criminal, Cyber, Response and Services Branch, said if the group targets financial services, like bank or credit card websites, it could disrupt them for a time but would likely not take them down. He likened a potential attack to the swath of cyber attacks that temporarily disrupted banking websites last year. "It'll be more of a nuisance thing," said Henry, now President of CrowdStrike Services and CSO.
Jason Healey, director of the Cyber Statecraft Initiative of the Atlantic Council, agreed, saying that technically someone could claim to have attacked the "economy" because it's such a broad subject, but "there is no real chance they [the SEA] can attack our economy in a way that could actually matter."
SEA 'May' Give Syrian Government 'Sensitive Information'
Though the SEA has repeatedly denied any association with the Syrian government, SEA The Shadow revealed to ABC News that the group "may deliver some sensitive information only for the security apparatus in Syria."
When asked again if the SEA is essentially working for the Syrian government, the hacker said, "Of course not... We do our duty to defend our land."