The Syrian Electronic Army (SEA) has admitted responsibility for Tuesday’s attack on the New York Times news website.
The website’s two-day, 20-hour outage was confirmed on Twitter in a Tweet tweeted by the SEA, a group whose loyalties are to Syrian President Bashar Al-Assad. The cyber attacks were instigated by the Syrian group because of possible military action against Syria for the reported use of chemical warfare used against it’s own country to suppress civilian up rise in removing President Al-Assad from power.
The SEA has been responsible for several of the recent website hacks the online news site has experienced, and on Twitter took credit for disabling the NY Times domain.
Reports began coming in via Twitter that the online news site was disabled on Tuesday around 3:00 p.m. ET. Not only was the websites’ domain compromised, also affected were the NY Times’ mobile sites and apps.
On their Facebook page, the NY Times announced that they were having problems with their online site due to external, malevolent attacks. This attack is the most severe attack ever implemented by the SEA. The news company’s domain Melbourne IT was hacked into creating the outages. The NYT personnel were warned to refrain from sending sensitive emails until the problem had been corrected.
Even though the online website was disabled, articles were still being posted to IT address 18.104.22.168 and news.Ntyco.com for the public’s access. Additional layers of security are currently being discussed for adding even more protection to the domain in preventing this from happening again.
The trouble occurred when the cyber attackers hacked in to the news site’s Domain Name System (DNS) information. Thus when people clicked on to the NY Times server to get the news, the hackers had the domain set up to redirect the visitors to the SEA website.
Their actions were accomplished was through a reseller breach. The reseller, who sells domains through the NY Times company system’s log-in credentials were confiscated allowing SEA “open door” access in carrying out the hack. Simply stated, the SEA successfully obtained a valid password and user name to get into the site and create havoc worldwide.
In January of this year, the SEA stole 53 NY Times employee passwords. A note to website visitors who have concerns regarding password protection, “Registry lock” features are in place on the news website and available for use in fully protecting viewer domains.
This was not the first time for the group to hack into the news site. On Aug. 14, the NY Times had a similar problem prior to this incident, but the residual effects were not as extreme as the most recent hit. In the Aug. 14 instance, the company advised that site outages were internal, but at the time did not understand the true circumstance surrounding their trouble.
Not only have the cyber-terrorist attacks gone viral with The NY Times system, Twitter feeds for the Associated Press, The Washington Post and CNN have been maliciously been hacked into by the group, their attacks becoming more and more sophisticated.
In the Twitter attack, the SEA compromised the sites images and style domain corrupting the displaying of images. And as an ominously, evil taunt, the malicious group tweeted a message @Twitter “Look at your domain, its owned by #SEA.”
Media attacks are no longer just annoying and inconvenient, but are now becoming a terrorist threat to the world. As what happened with the New York Times, if the SEA is to implement malicious viral attacks on a worldwide level, the billions of website users will severely be put at risk along with government security.
Written by Lisa Graziano