For a few hours on Monday, links sent from President Obama’s official Twitter and Facebook feeds redirected users to a Syrian Electronic Army site that showed a 24-minute propaganda video for the Syrian regime.
The social-media blog Mashable initially reported that the SEA claimed to have hacked Obama’s Twitter and Facebook feeds themselves. But that may not be quite right, as an update to the Mashable post explains.
In fact, as Quartz’s Christopher Mims confirmed, the hackers broke into the Gmail account of at least one staffer at Organizing for Action, the nonprofit that was formed in the wake of Obama’s 2012 campaign. From there, they appear to have broken into some of the group’s accounts with various social-media tools. The Daily Beast’s Brian Ries reports that the hackers may have altered Obama’s Facebook and Twitter links through a URL-shortening service called ShortSwitch, perhaps by finding records of OFA staffers’ passwords in their email inboxes. The hackers also appear to have infiltrated the group’s account with Blue State Digital, the tech-services firm that consulted for both Obama campaigns. Blue State Digital’s website was inaccessible Monday afternoon.
Regardless of the details, the Organizing for America staffer told Quartz’s Mims that the group has changed its passwords and added two-factor authentication to its Gmail accounts. The links appeared to be fixed early Monday afternoon.
Obama is the latest in a long line of high-profile targets of Syrian Electronic Army hacks, including the Associated Press, The Onion, Twitter, and more. As I explained in August, the SEA has been able to deface the websites and social-media accounts of even highly security-conscious targets—President Obama would certainly fit into that category—by infiltrating the accounts of less-careful people, companies, and Web tools that those targets rely on. In almost every case, the hack has originated with a successful phishing attack, in which hackers attempt to trick someone into giving up important information (such as account logins and passwords) that can then be used against them.
The good news now, as then, is that the Syrian Electronic Army rarely inflicts much harm. As long as their aim remains spreading propaganda, as opposed to wreaking genuine havoc, the attacks are no cause for panic.
In fact, the hacks’ greatest impact so far may be as highly visible public-service announcements for the perils of phishing attacks and the importance of two-factor authentication. I’ll give Ries the final word for now: