The political activist hackers of the Syrian Electronic Army are at it again, targeting one of the highest-profile users of social media in the world: President Obama. But SEA's claims of commandeering his Twitter account aren't quite accurate.
For a few hours, posts on the President's Facebook and Twitter accounts directed users to YouTube videos uploaded by SEA, and to the SEA website itself. The hackers also posted an image of a Gmail inbox belonging to an employee of Organizing for Action, an official promotional website for President Obama's various political initiatives.
On the face of it, this looks like a very serious hack of the President's accounts — but in fact, neither of those accounts was actually compromised, an OFA official told the Associated Press. Like its other high-profile attacks over the last year (The New York Times, Washington Post, and Guardian, among others), SEA's technique was deceptively unsophisticated.
Instead of coding a special virus or decrypting critical communications, the SEA in all cases manages to get hold of the username and password of someone related to the website or account in question, and simply logs in with their credentials.
In this case, SEA apparently got hold of an OFA employee's Gmail account at the very least, and since OFA manages some of the President's social media tools, the hackers were granted access with no need for high-tech cloak-and-dagger tactics.
With the stolen credentials, SEA took control of OFA.bo, the President's official link-shortening service, and redirected shortened links to its own content. That way, the "hack" makes its way onto Facebook, Twitter, and elsewhere — without having to hack any highly-secure servers.
A disused donation page on the OFA website was also rewritten, but the front page and other data remained untouched.
These attacks on high-profile users of social media are by nature highly visible, but they're not the kind of hackers that will reveal state secrets or undermine the NSA. U.S. cybersecurity types are more worried about what they call "advanced persistent threats" such as state-sponsored hacker groups in China and Iran targeting military operations and critical infrastructure.
The Associated Press contributed to this report.
Devin Coldewey is a contributing writer for NBC News Digital. His personal website is coldewey.cc.
