If the United States attacks Syria, it will be the first time it strikes a country that is capable of waging retaliatory cyberspace attacks on American targets.

The risk is heightened by Syria’s alliance with Iran, which has built up its cyber capability in the past three years, and already gives the country technical and other support. If Iran stood with Syria in any fray with the United States that would significantly increase the cyber threat, security experts said.

Organized cyber attacks have already been carried out by the Syrian Electronic Army (SEA), a hacking group loyal to the government of President Bashar al-Assad. It has disrupted the websites of U.S. media and Internet companies and is now threatening to step up such hacking if Washington bombs Damascus.

“It’s likely that the Syrian Electronic Army does something in response, perhaps with some assistance from Iranian-related groups,” said former White House cybersecurity and counter terror adviser Richard Clarke.

Little is known about the hackers behind the Syrian Electronic Army, and there is no evidence that the group is capable of destructive attacks on critical infrastructure.

However, former U.S. National Security Agency director Michael Hayden told Reuters that the SEA “sounds like an Iranian proxy,” and it could have much greater ability than it has displayed.

Thus far, the SEA’s most disruptive act was in April when it broke into the Twitter account of the Associated Press and sent fictional tweets about explosions at the White House. The false messages sent the stock market into a downward spiral that, for a short time, erased more than $100 billion in value.

In an email to Reuters on Wednesday, Aug. 28, the SEA said if the U.S. military moves against Syria “our targets will be different.”

“Everything will be possible if the U.S. begins hostile military actions against Syria,” the group said in the note.

Asked about the threat of cyber retaliation, U.S. Department of Homeland Security spokesman Peter Boogaard said the government “is closely following the situation and actively collaborates and shares information with public and private sector partners every day.”

Cyber experts have said that Iran increased its cyber capabilities after the United States used the Stuxnet virus to attack Tehran’s nuclear program.

U.S. intelligence officials have blamed hackers sponsored by Iran for a series of so-called distributed-denial-of-service attacks against many U.S. banking sites. In DDoS attacks, thousands of computers try to contact a target website at the same time, overwhelming it and rendering it inaccessible.

In three waves of attacks since last September, consumers have reported inability to conduct online transactions at more than a dozen banks, including Wells Fargo & Co, Citigroup Inc, JPMorgan Chase & Co and Bank of America Corp. Banks have spent millions of dollars to fend off the hackers and restore service.

Researchers have said that Iran has also infiltrated Western oil companies, and it could try to destroy data, though that would increase the risk of retaliation by the United States.  

— Reuters, TAAN