Many online users sat glued to their computer screens yesterday as Syrian hackers took over Qatar Foundation’s social media accounts and continuously posted a slew of insults and hateful messages on Twitter and Facebook for nearly six hours.
Reactions online varied from shock, disbelief and disgust to praise, amusement and delight.
Qatar’s internet security system is that bad and easy to break in. Not good for a developing nation. :c
The most popular question appeared to be, how could this happen to such a large and powerful institution?
What happened?
There are a few theories about how the Syrian Electronic Army, a group that claims loyalty to embattled Syrian president Bashar Al Assad and which quickly took credit for the attack, hacked into QF’s Twitter and Facebook accounts.
According to an anonymous QF official interviewed by the Peninsula:
“QF had received anonymous emails from fake accounts with external links. Someone must have opened them, which gave hackers access to important data on the server.”
But the official added: “At this point, it appears the organization is still not sure about what went wrong.”
ILoveQatar.net’s Khalifa Saleh Al Haroon, who recently spoke on a Safer Internet Day panel at Qatar University, has posted his own theories about the attack.
Weak passwords are one possibility, or the SEA could have taken advantage of how easy it is to infiltrate people’s email addresses once armed with certain basic personal information, he said.
Regaining control
Another popular question raised yesterday was, why did it take so long for QF to regain control of its accounts?
According to digital business publication Quartz, which referred to the QF attack as the latest hacking victory for the SEA:
When a social media account is hacked, and the attackers change all the associated email addresses and other points of contact, the only thing left for an account owner to do is lodge a support request with Twitter or Facebook directly. That’s why, when an account is hacked, it often takes hours for the damage to be undone—by design, the process of restoring access requires human intervention.
Since the attack took place on a Friday morning in Qatar – the middle of the night in California, where Twitter and Facebook are based – support was presumably slower to react.
Meanwhile, repercussions against the hackers are unlikely. Qatar has long been vocal about its support of the Syrian opposition and the ousting of Al Assad. In addition to sending aid to the rebels, Qatar most recently handed the keys to the embassy in Doha over to the Syrian National Coalition – actions that have all sparked the ire of Al Assad loyalists, who have also hacked Al Jazeera.
Looking forward
As it looks unlikely that cyber attacks motivated by politics will relent any time soon, Tariq Alsada, head of Press Office for QF, told Doha News that the organization is working to upgrade its security measures to prevent future attacks.
“Unfortunately, hacking is now a fact of life for many international organizations and businesses, regardless of their spheres of activity. In the last few days alone the Twitter accounts of both Burger King and Jeep have been compromised, while last week’s breaching of the ‘Anonymous’ hacking collective’s account demonstrates that this issue affects everyone…
At Qatar Foundation, we take this problem very seriously, and continually review and update our security procedures as appropriate.”
Thoughts?
Credit: Image via SEA website