New York Times, Twitter hacked by Syrian group

NYT_1_0.JPG

San Francisco: Media companies including the New York Times, Twitter and the Huffington Post lost control of some of their websites on Tuesday after hackers supporting the Syrian government breached the Australian Internet company that manages many major site addresses.
The Syrian Electronic Army, a hacker group that has previously attacked media organizations that it considers hostile to the regime of Syrian president Bashar al-Assad, claimed credit for the Twitter and Huffington Post hacks in a series of Twitter messages.
Security experts said electronic records showed that NYTimes.com, the only site with an hours-long outage, redirected visitors to a server controlled by the Syrian group before it went dark.
New York Times Co spokeswoman Eileen Murphy tweeted the "issue is most likely the result of a malicious external attack", based on an initial assessment.
The Huffington Post attack was limited to the blogging platform's U.K. web address. Twitter said the hack led to availability issues for an hour and a half but that no user information was compromised.
The attacks came as the Obama administration considers taking action against the Syrian government, which has been locked for more than two years in an increasingly bloody struggle against rebels.
In August, hackers promoting the Syrian Electronic Army simultaneously targeted websites belonging to CNN, Time and the Washington Post by breaching a third party service used by those sites.
The Syrian Electronic Army, or SEA, managed to gain control of the sites by penetrating MelbourneIT, an Australian Internet service provider that sells and manages domain names including Twitter.com and NYTimes.
Officials at The New York Times, which identified MelbourneIT as its domain name registrar and the primary hacking victim, warned its employees to stop sending sensitive e-mails from their corporate accounts.
MebourneIT spokesman Tony Smith said that login credentials from one of its resellers had been used improperly.
Once MelbourneIT was notified, he said, the company restored the correct domain name settings, changed the password on the compromised account, and locked the records to prevent further alterations.
"We are currently reviewing our logs to see if we can obtain information on the identity of the party that has used the reseller credentials, and we will share this information with the reseller and any relevant law enforcement bodies," Smith said. "We will also review additional layers of security that we can add to our reseller accounts."
Twitter did not respond to requests for comment. In a blog post, the company said "it appears DNS (domain name system) records for various organizations were modified, including one of Twitter's domains used for image serving, Twimg.com. Viewing of images and photos was sporadically impacted."
HACKERS LIMITED TARGETS, SAY EXPERTS
Jaeson Schultz, a Cisco Systems researcher, said that in the authoritative records known as WHOIS the Syrian Electronic Army listed itself as the contact for all of Twitter.com, which would have given it the power to take the site offline or place its own content there.
"It seems that their message is redirecting people back to their own website for news about the SEA or about Syria," Schultz said. "They don't seem to be interested in infecting end users, which is a good thing."
Hackers who successfully break into MelbourneIT's systems could potentially redirect and intercept emails sent to addresses under certain domains, researchers said. And users of sites that don't begin with "https" could have been fooled into entering passwords that could have been captured, said Jaime Blasco, a researcher with security firm AlienVault.
Because MelbourneIT serves as the registrar for some of the best known domain names on the Internet, including Microsoft.com and Yahoo.com, Tuesday's breach could have had potentially catastrophic consequences.
"This could've been one of the biggest attacks we've ever seen, if they were more subtle and more efficient about it," said HD Moore, the chief research officer at Rapid7, a cyber security firm. "They changed just a few sites, but if they had actually gone all out, they could've had most of the Internet watching them run the show."
Media companies, which were largely ignored by hackers until 2011, have been targeted since then by pranksters and suspected Chinese agents, as well as partisans in the Middle East.
"As long as media organizations play a critical role as influencers and critics, they will continue to be targets of cyber attacks," said Michael Fey, chief technology officer at Intel Corp's McAfee security division.

Post new comment

<form action="/comment/reply/253138" accept-charset="UTF-8" method="post" id="comment-form"> <div><div class="form-item" id="edit-name-wrapper"> <label for="edit-name">Your name: <span class="form-required" title="This field is required.">*</span></label> <input type="text" maxlength="60" name="name" id="edit-name" size="30" value="Reader" class="form-text required" /> </div> <div class="form-item" id="edit-mail-wrapper"> <label for="edit-mail">E-Mail Address: <span class="form-required" title="This field is required.">*</span></label> <input type="text" maxlength="64" name="mail" id="edit-mail" size="30" value="" class="form-text required" /> <div class="description">The content of this field is kept private and will not be shown publicly.</div> </div> <div class="form-item" id="edit-comment-wrapper"> <label for="edit-comment">Comment: <span class="form-required" title="This field is required.">*</span></label> <textarea cols="60" rows="15" name="comment" id="edit-comment" class="form-textarea resizable required"></textarea> </div> <fieldset class=" collapsible collapsed"><legend>Input format</legend><div class="form-item" id="edit-format-1-wrapper"> <label class="option" for="edit-format-1"><input type="radio" id="edit-format-1" name="format" value="1" class="form-radio" /> Filtered HTML</label> <div class="description"><ul class="tips"><li>Web page addresses and e-mail addresses turn into links automatically.</li><li>Allowed HTML tags: &lt;a&gt; &lt;em&gt; &lt;strong&gt; &lt;cite&gt; &lt;code&gt; &lt;ul&gt; &lt;ol&gt; &lt;li&gt; &lt;dl&gt; &lt;dt&gt; &lt;dd&gt;</li><li>Lines and paragraphs break automatically.</li></ul></div> </div> <div class="form-item" id="edit-format-2-wrapper"> <label class="option" for="edit-format-2"><input type="radio" id="edit-format-2" name="format" value="2" checked="checked" class="form-radio" /> Full HTML</label> <div class="description"><ul class="tips"><li>Web page addresses and e-mail addresses turn into links automatically.</li><li>Lines and paragraphs break automatically.</li></ul></div> </div> </fieldset> <input type="hidden" name="form_build_id" id="form-ab404c7e6bc8f00219e79f1f1fc8cbe8" value="form-ab404c7e6bc8f00219e79f1f1fc8cbe8" /> <input type="hidden" name="form_id" id="edit-comment-form" value="comment_form" /> <fieldset class="captcha"><legend>CAPTCHA</legend><div class="description">This question is for testing whether you are a human visitor and to prevent automated spam submissions.</div><input type="hidden" name="captcha_sid" id="edit-captcha-sid" value="86430448" /> <input type="hidden" name="captcha_response" id="edit-captcha-response" value="NLPCaptcha" /> <div class="form-item"> <div id="nlpcaptcha_ajax_api_container"><script type="text/javascript"> var NLPOptions = {key:'c4823cf77a2526b0fba265e2af75c1b5'};</script><script type="text/javascript" src="http://call.nlpcaptcha.in/js/captcha.js" ></script></div> </div> </fieldset> <span class="btn-left"><span class="btn-right"><input type="submit" name="op" id="edit-submit" value="Save" class="form-submit" /></span></span> </div></form>

No Articles Found

No Articles Found

No Articles Found

I want to begin with a little story that was told to me by a leading executive at Aptech. He was exercising in a gym with a lot of younger people.

Shekhar Kapur’s Bandit Queen didn’t make the cut. Neither did Shaji Karun’s Piravi, which bagged 31 international awards.