WASHINGTON— The Syrian government and its allies are widely believed to be using cyber attacks to target members of the opposition. Meanwhile, the Obama administration reportedly has been debating the use of cyber attacks to disrupt the Syrian government's military, but has been hesitant to do so.
While violence rages in Syria, not all of the conflict is taking place in the streets. Some of it is happening in cyberspace.
The Electronic Frontier Foundation has spent more than two years studying malware campaigns against Syrian dissidents and opposition members.
The government of Syrian President Bashar al-Assad and its supporters are to blame, says the Foundation's global policy analyst Eva Galperin.
"They are all being run by a very, very limited number of groups. And the organizations with the strongest reason to spy on people in this fashion would be the Assad regime," says Galperin.
At the Washington-based Syrian Emergency Task Force, Evan Barrett says social media sites are used to identify Syrians for detention or torture.
“Syrian activists are confident that the regime is doing this, and feel that there are people who have been sort of rounded up and detained, where there’s no way that the regime could have known about their activities except through online surveillance,” says Barrett.
News reports say the Obama administration is discussing using cyber attacks to disrupt Syrian military operations, especially the barrel bombing of civilians.
Barrett says that would be a low-cost way to limit human suffering.
“Even if we can only delay bombing of civilian areas for a week or two weeks, that seems like an important accomplishment to me,” says Barrett.
The U.S. has used cyber attacks in the past, against Iran's nuclear facilities, through the computer virus Stuxnet and other reported operations.
But some in the U.S. intelligence community say the effectiveness of the attacks is limited.
Barrett says his group asked the National Security Council in 2012 to wage cyber warfare against Syria, and was rebuffed.
“That doesn’t mean they’re not pursuing some cyber strategy, and they may have just viewed it as their prerogative to not let us know what they’re doing. But we have had conversations with the State Department, with the NSC, and have been told that, you know, they’re not pursuing that at this time,” says Barrett.
On the problem of Syrian cyber attacks, Eva Galperin says there is no need for the U.S. government to get involved, since American Internet companies are motivated to fight the problem.
"...the malware is being spread largely using platforms that are controlled by U.S. companies, such as Facebook or Skype, or by email such as Gmail. We've really had the most luck in cooperating with U.S. companies," says Galperin.
And while the administration's strategy discussion continues, so does the fighting in Syria.