Quantcast
  

Thursday, April 24, 2014         

 Print   Email   Comment | View 2 Comments   Most Popular   Save   Post   Retweet

New York Times website down in apparent hack from pro-Syrian group

By Martha Mendoza

Associated Press

POSTED:
LAST UPDATED: 02:56 p.m. HST, Aug 27, 2013



SAN JOSE, Calif. >> Readers who tried to click on the New York Times’ website got nothing but error messages this afternoon in its second major disruption this month, with a group calling itself “The Syrian Electronic Army” claiming responsibility.

Within minutes of the attack, the New York Times announced in a Twitter message that it would continue to publish the news. The site published two reports over two hours on chemical attacks in Syria. The news organization also set up an alternative news site, news.nytco.com.

The cause of today’s service problems at the New York Times was unknown, but the behavior was consistent with a hacking attack that hijacks control of a site from its administrators.

Times officials did not immediately return phone and email messages for comment. In a Twitter message, Times spokeswoman Eileen Murphy said the cause was a “malicious external attack.”

Two weeks ago, the Times’ website suffered an outage that the company blamed on a server problem.

The Syrian Electronic Army has, in recent months, taken credit for Web attacks on media targets that it sees as sympathetic to Syria’s rebels. The SEA claims to have hacked the Washington Post, and Twitter feeds of several news organizations including The Associated Press, Al-Jazeera English and the BBC.

The group said in a Twitter message today that it also took over Twitter and Huffington Post U.K.

Twitter spokeswoman Christina Thiry said the company is looking into the claims.

Twitter and The New York Times were both hit by a technique known as “DNS hijacking,” according to Robert Masse, president of Montreal, Canada-based security startup Swift Identity.

The technique works by tampering with domain name servers that translate easy-to-remember names like “nytimes.com” into the numerical Internet Protocol addresses (such as “170.149.168.130”) which computers use to route data across the Internet.

Domain name servers basically work as the Web’s phone books, and if attackers gains access to one, they can funnel users trying to access sites like The New York Times or Twitter to whichever rogue server they please.

Masse said DNS attacks are popular because they bypass a website’s security to attack the very architecture of the Internet itself.

“Companies spend a lot of time, money, resources and defending their servers, but they forget about auxiliary infrastructure that is integrally connected to their networks, like DNS.”

The domains for both Twitter.com and the NYTimes.com today pointed to an Australian company called Melbourne IT, a “world leader in domain name registration.” Their spokesman did not immediately respond to comment. Renesys Corp. meanwhile tracked the Internet protocol addresses back to the same ones as the Syrian Electronic Army’s sea.sy which the firm said in a Twitter message has been hosted in Russia since June.

Michael Fey, a chief technology officer at Santa Clara, Calif. based cybersecurity firm McAfee, said today that as long as media organizations play a critical role as influencers and critics, they will continue to be targets of cyber-attacks.

He said the battle tactics are broad, from denial of service attacks, to targeted attacks using social engineering and to deploying information-gathering Trojans.

“Regardless of technology or tactics deployed, we should expect to see more of these attacks,” he said.

FBI spokeswoman Jenny Shearer at the Washington D.C. headquarters said the agency has no comment on the attack.

Cybersecurity experts said hijacking attacks are preventable.

“As this incident illustrates, any time you integrate third party code into your site, it presents a new attack vector for hackers.  You must not only ensure your own code is secure, but you must also rely upon third parties’ security practices,” said Aaron Titus, a privacy officer and attorney at New York-based privacy software firm Identity Finder.







 Print   Email   Comment | View 2 Comments   Most Popular   Save   Post   Retweet

COMMENTS
(2)
You must be subscribed to participate in discussions
By participating in online discussions you acknowledge that you have agreed to the TERMS OF SERVICE. An insightful discussion of ideas and viewpoints is encouraged, but comments must be civil and in good taste, with no personal attacks. Because only subscribers are allowed to comment, we have your personal information and are able to contact you. If your comments are inappropriate, you may receive a warning, and if you persist with such comments you may be banned from posting. To report comments that you believe do not follow our guidelines, email commentfeedback@staradvertiser.com.
Leave a comment

Please login to leave a comment.
JohnD2 wrote:
On August 14, 2013, the previous Syrian cyberattack on the N.Y. Times, email from federal courts was delivered to my junk mail box instead of the inbox. Coincidence?
on August 27,2013 | 01:30PM
tiki886 wrote:
This comment has been deleted.
on August 27,2013 | 02:44PM
eoe wrote:
I do. Better than any other news source in the country.
on August 27,2013 | 02:51PM
IN OTHER NEWS
Breaking News
Blogs
Warrior Beat
One last fling

Political Radar
Phased in

Political Radar
Palolo v. Pauoa

Political Radar
Palolo v. Pauoa

Career Changers
Must Sea TV

Political Radar
HB 1700 — Day 4

Political Radar
Pass