New York Times website down again. Updates: Hacked by "Syrian Electronic Army."

By artappraiser on Tue, 08/27/2013 - 4:44pm |

The New York Times Web site is experiencing technical difficulties. We are working on fully restoring the site.
— The New York Times (@nytimes) August 27, 2013

URL:

https://twitter.com/nytimes/status/372454314918563840

1719 reads

Comments

New York Times website believed to be hacked

By Samantha Bomkamp Chicago Tribune, 4:37 p.m. CDT, August 27, 2013

The New York Times said on Tuesday that its website's second outage this month was likely caused by hackers.

New York Times Co spokeswoman Eileen Murphy tweeted on Tuesday that the “issue is most likely the result of a malicious external attack,” based on an initial assessment [.....]

by artappraiser on Tue, 08/27/2013 - 7:47pm

‘Syrian Electronic Army’ Takes Down The New York Times
By Kevin Poulsen, Threat Level @ wired.com, 08.27.13, 6:22 PM

Hacktivists loyal to Syrian president Bashar Al-Assad have taken over The New York Times’ web address to broadcast a circa-1998-style defacement message: “Hacked by Syrian Electronic Army.”

There’s no evidence that the Times’ internal systems were compromised. Instead, the attackers got control of the NYTimes.com domain name this afternoon through the paper’s domain name registrar, Melbourne IT, then set it to map to a Russian hosting service delivering the message. Judging from the response on Twitter, some visitors were served a large image of the hacker group’s logo, but most just got timeout errors [....]

by artappraiser on Tue, 08/27/2013 - 7:50pm

The NYT reports same, via its temporary alternate news feed, http://news.nytco.com/

Also that they broke into the domain, and that the same group may be trying to attack Twitter:

Times Web Site Affected by External Hacking Attack

By CHRISTINE HAUGHNEY and NICOLE PERLROTH

August 27, 2013

The New York Times Web site was unavailable to readers Tuesday afternoon after an online attack on the company’s domain name registrar, Melbourne IT. The attack also forced employees of The Times to stop sending out sensitive e-mails.

Marc Frons, chief information officer for The New York Times Company, issued a statement at 4:20 p.m. warning employees that the disruption — which appeared to still be affecting the Web site well into the evening — was “the result of a malicious external attack.” He advised employees to “be careful when sending e-mail communications until this situation is resolved.”

In an interview, Mr. Frons said the attack was carried out by a group known as “the Syrian Electronic Army or someone trying very hard to be them.” The Web site first went down after 3 p.m.; after service was restored, the hackers quickly disrupted the site again. Shortly after 6 p.m., Mr. Frons said that “we believe that we are on the road to fixing the problem.”

Several people on Twitter also said they believed the attack was the work of the Syrian Electronic Army, a group of hackers who support President Bashar al-Assad of Syria. Matt Johansen, head of the Threat Research Center at White Hat Security, posted on Twitter that he was directed to a Syrian Web domain when he tried to access The Times’s Web site.

The S.E.A. first emerged in May 2011, during the first Syrian uprisings, when they started attacking a wide array of media outlets and nonprofits and spamming popular Facebook pages like President Obama’s and Oprah Winfrey’s with pro-Assad comments. Their goal, they said, was to offer a pro-government counternarrative to media coverage of Syria.

The group has consistently denied ties to the government of Mr. Assad and has said it does not target Syrian dissidents, but security researchers and Syrian rebels are not convinced. They say the group is the outward-facing campaign of a much quieter surveillance campaign targeting Syrian dissidents and are quick to point out that Mr. Assad once referred to the S.E.A. as “a real army in a virtual reality.”

Until now, The Times has been spared from being hacked by the S.E.A., which has successfully disrupted the Web operations of news organizations like The Financial Times. On Aug. 15, the group attacked The Washington Post’s Web site through a third-party service provided by a company called Outbrain. At the time, the S.E.A. also tried to hack CNN. Some information security experts said the group also appeared to be ready to attack The New York Times Web site that day. (Just a day earlier, on Aug. 14, The Times’s Web site was down for several hours. The Times cited technical problems and said there was no indication the site was hacked.)

In a post on Twitter Tuesday afternoon, the S.E.A. also said it had hacked the administrative contact information for Twitter’s domain name registry records. According to the Whois.com lookup service, the Syrian Electronic Army was listed on the entries for Twitter’s administrative name, technical name and e-mail address.

Jim Prosser, a Twitter spokesman, said the social network was “looking into” the Syrian Electronic Army’s claim that it had taken control of a Twitter domain.

Mr. Frons said the attacks Tuesday on Twitter and The New York Times required significantly more skill than the string of S.E.A. attacks on media outlets earlier this year, when the group attacked Twitter accounts for dozens of outlets ranging from The Guardian to The Associated Press. Those attacks caused the stock market to plunge after the group planted false tales of explosions at the White House.

“In terms of the sophistication of the attack, this is a big deal,” said Mr. Frons. “It’s sort of like breaking into the local savings and loan versus breaking into Fort Knox. A domain registrar should have extremely tight security because they are holding the security to hundreds if not thousands of Web sites.”

by artappraiser on Tue, 08/27/2013 - 8:08pm

This August 19 USA Today article explains how in the past they accessed domains via "spear phishing" employee email:

Two names surface tied to Syrian Electronic Army

and more detail on their methods here in a July 30 Information Week piece:

Syrian Electronic Army Hacks White House Media Team

by artappraiser on Tue, 08/27/2013 - 8:38pm

An April 29 piece on the Syrian Electronic Army itself at The Guardian:

Syrian Electronic Army: Assad's cyber warriors

Phishing attack is latest by pro-Assad hackers operating out of Dubai, who target sites with views opposed to their own

by artappraiser on Tue, 08/27/2013 - 9:08pm

While everyone looks at Syria...

Don't let it all blind you from looking over here...

~OGD~

by oldenGoldenDecoy on Wed, 08/28/2013 - 12:23pm

"Anonymous" has been trying to uncover members of the Syrian Electronic Army, an interesting development, to say the least:

How Did Syria's Hacker Army Suddenly Get So Good?

By Shane Harris, Killer Aps @ ForeignPolicy.com, September 3, 2013 - 8:10 PM

[....] Last week, the hacker group Anonymous, probably the best known in the world, released information it stole from an SEA server. The Anonymous intrusion helped to confirm some details about how the group works; for instance, it is apparently not officially alligned with the Assad regime, but is comprised of supporters who may receive some backing from the government. But Anonymous also showed that the SEA is not impervious. The hacker collective claimed to release informaiton about the SEA's core members, including their personal e-mails and passwords for their accounts. The SEA claims their systems were never breached, and that reports identifying their members are erroneous. [....]

by artappraiser on Wed, 09/04/2013 - 2:21pm

New York Times website down again. Updates: Hacked by "Syrian Electronic Army."

Comments

August 27, 2013

Sections

Bloggers