YOU’RE on your computer, messaging friends through Facebook or Twitter.
Then it flashes up your screen. “AWAIT YOUR ANNIHILATION”.
This isn’t a scene from a Matrix reboot, it’s an act of war on the world’s largest battleground: the internet.
Terrorists, rebels and government forces have adopted digital media as their newest weapon. It has become a frighteningly powerful force for both good and evil, as dangerous as bullets or bombs.
“These electronic soldiers can be based anywhere in the world and still impact on battles and peoples’ lives,”Al Jazeera senior reporter Juliana Ruhfus told news.com.au, after conducting an investigation into virtual militants.
The damage wreaked by cyber spies is very real. Extremists watch the offices of their enemies and recruit directly from the homes of disillusioned Australian teenagers like Jake Bilardi, who are primed to fall prey to radical ideologies.
Campaign group Raqqa is Being Slaughtered Silently uses social media sites to circulate information and videos of the Islamic State’s atrocities in the Syrian city. But members know IS is always just one step behind.
Since the Arab Spring uprising, Syrian president Bashar al-Assad has grown wise to the destructive influence of technology, and built a devastatingly strong cyber army.
Security firm FireEye discovered that Syria was tracking down opposition forces through their IP addresses, and spying on their conversations to steal information on real-life battle strategies, supply routes and plans of attack.
Syrian activist Rami Jarrah from Radio ANA, who posted footage of protests, was captured and tortured for his intelligence by pro-Assad forces. Through his Facebook account, they gained access to his campaign office, his email and his friends.
“The internet turned very quickly from a tool of liberation to one of oppression as activists were tracked via social media and IP addresses,” said Ruhfus.
Some activists were tortured for passwords, others were approached by attractive women on matchmaking websites, who weren’t what they seemed. Eventually they would send photos of themselves containing malicious spyware, FireEye discovered.
Notorious hacking group Anonymous has retaliated with force, defacing Syria’s Ministry of Defence, while other activists accessed and revealed details from Assad’s email.
Groups with names like “Cyber Arabs” and “SalamaTech” started training activists in internet security and encryption, skills Ruhfus thinks we will all begin to need “as we all are increasingly targeted by cybercrime.”
The virtual war is global. International organisations and individuals are targets as well as Middle Eastern groups.
Tech giants including Google, Facebook, Twitter are on the front line, this month attending Australia’s Regional Summit to Counter Violent Extremism to plan their battle strategies.
The Syrian Electronic Army has defaced websites of western media outlets including the BBC, CNN, the New York Times and The Guardian, in protest against coverage seen as anti-Assad.
This ability has the potential to do crushing damage, now we rely on technology for so much. When SEA hacked the Twitter account of the Associated Press, it posted a tweet saying that President Obama had been injured in two White House explosions. As a result, $US136 billion was temporarily wiped off the stock exchange.
Assad denies responsibility for the SEA, but it is hosted on Syria’s national network, and activists are certain it is linked to the Syrian Computer Society, set up in the wake of the Arab Spring.
In April, following the Charlie Hebdo attacks in Paris, French television network TV5Monde was targeted just before it was due to launch a Middle East-targeted lifestyle channel. All of its 12 channels went dark and were replaced by a message from the “Cyber Caliphate”.
Most assumed this was the work of IS, but in a startling twist, independent cyber security companies identified the hack as the work of Kremlin-linked group APT28.
“The Russian government is quite close to President Assad and increasingly hostile towards France, so you could argue that such a hack was killing ‘two birds with one stone’,” said Ruhfus.
What is most insidious about these attacks is that they often use weapons created for innocent purposes.
French teenager Jean Pierre Leseur programmed a “Trojan” called Dark Comet and uploaded it to the internet for free. Dark Comet would send a message to Skype users during their conversations saying the program had closed. When they clicked OK, the hacker would be inside their computer, able to monitor their computer and physically see and hear everything they did through their webcam.
He saw it as a method to improve security skills, but Syria saw it as an opportunity. It was used by pro-regime forces to access 31,000 Skype conversations.
“He didn’t expect any government to go into an open forum to pick software for surveillance,” said Ruhfus. “The lines are definitely blurred.”
Coders have become increasingly wary of sharing such information.
“Jean Pierre told us that over the last few years the vibe in the forums has changed from people who wanted to upload what they had coded and share things for free to something darker, so that he has consciously taken a step back,” said Ruhfus.
Some international surveillance companies, such as US company Blue Coat Systems Inc and the Italian Area SpA, are accused of deliberately providing spy software to forces with murky intentions — but money to spend.
The US has a significant presence in online forums to do with surveillance. “The suspicion is that the majority of such forums are now moderated by Americans with government or secret service connections,” said Ruhfus. “And who is to know who’s who?”
It’s a murky, risky world. And it could come straight into your bedroom at any moment. That’s one very scary bogeyman.
Watch the full Al-Jazeera investigative documentary Syria’s Electronic Armies here.