ALEXANDRIA, Va. — A Syrian national pleaded guilty Wednesday to federal charges for his role in a scheme that hacked computers and targeted perceived enemies of Syrian President Bashar al-Assad.
Peter Romar, 37, a refugee who was living in Germany when he was arrested earlier this year, pleaded guilty to charges that spell out a limited role as a member of a so-called Syrian Electronic Army that harassed Harvard University, Human Rights Watch and media outlets.
Sentencing guidelines call for six months to a year in prison, and Romar has already been jailed on the charges for more than six months. As a result, when Romar is sentenced next month, he could receive a sentence of time served and be sent back to Germany.
Romar’s lawyers are eager to have him returned to Germany quickly. He was living there on a refugee visa when he was arrested in March. That visa expires in late November, and public defender Geremy Kamens said Romar’s ability to return to Germany could be compromised if he does not return by then.
According to an FBI affidavit, beginning in 2011 the Syrian Electronic Army targeted entities including Harvard University, the White House, Human Rights Watch, NASA, Microsoft and other groups.
In April 2013, Syrian Electronic Army hackers allegedly sent a tweet from The Associated Press’ Twitter account falsely claiming a bomb had exploded at the White House and injured the president. The message caused the stock market to dip before it was determined to be a hoax.
In some cases, the hackers extorted money from their targets.
Kamens said Romar’s role in the scheme was a limited one, according to the statement of facts. He did not do any hacking himself, but helped transfer the proceeds from those who were extorted. His German address made it easier for him to facilitate financial transactions than someone based in the Middle East, authorities said.
The plea documents filed Wednesday make no mention of the hacks targeting media outlets. Instead, they say Romar helped the Syrian Electronic Army by transferring nearly $1,500 in late 2013 that had been extorted from a company in California and 5,000 euros from a European company that was hacked in 2014.
A co-defendant — Firas Dardar, known online as “The Shadow” — remains at large.
According to the defense, Romar was living in the Syrian city of Aleppo when he fled to Germany as a refugee. His parents were killed in Aleppo, and two brothers were also killed in the fighting in Syria. While he has been in the U.S. facing charges, his German wife has been receiving treatment for brain cancer that required multiple surgeries and chemotherapy.
Last week, a hacker from Kosovo who turned over the names of roughly 1,300 U.S. service members and government workers to the Islamic State — which then published the names on a hit list — was sentenced to 20 years in prison. Unlike Romar, that defendant was charged under a federal terrorism statute and was the first person convicted in the U.S. of both terrorism and computer hacking charges.