« Continue Browsing

e-mail article Print     e-mail article E-mail

The Washington Post, Published August 28 2013

New York Times, Twitter websites have continued problems after attack

The New York Times is still feeling the effects of a Tuesday afternoon attack on its website. The hack was claimed by a group known as the Syrian Electronic Army, which also asserted responsibility for a similar attack on the social networking site Twitter.

Tuesday's intrusions were the most sophisticated in a series of attacks on high-profile Western media organizations, including The Washington Post and the Associated Press. The hackers use the attacks to broadcast their support of Syrian President Bashar al-Assad, although the group has never been found to have any official ties to his regime.

Little is known about the group, which appears to made up of mostly younger people. To date, no person has ever been arrested for being a member.

Neither Twitter nor the Times has confirmed that the attacks were the result of efforts by the SEA, although there is evidence suggesting the group was behind both.

The attackers were able to disrupt the websites owned by the Times and Twitter by accessing the records of an Australian firm, Melbourne IT, which registers domain names, such as nytimes.com, and stores directory records for those websites. The hackers then altered the information on these records, which allowed them to prevent users from seeing the Times' s website.

In some cases, users were also redirected to a page with what appeared to be the SEA's logo. The contact information on the records for the Times and Twitter sites was changed to Web properties tied to the Syrian Electronic Army.

Times spokeswoman Eileen Murphy confirmed that the attack on the newspaper's website was the result of a "external attack on our domain name registrar." In a statement to The Washington Post, Melbourne IT said that hackers were able to gain access to the sites by obtaining log-in credentials to a third-party company responsible for maintaining the records of websites, including nytimes.com.

The SEA, in the past, has obtained user names and passwords by "phishing," or sending legitimate-looking emails that ask people to enter their log-in credentials. That appears to have happened in this case, according to Melbourne IT.

While the registrar said that it has corrected the records and taken steps to prevent similar attacks in the future, it can take some time for the changes to go into effect. As of Wednesday afternoon, the Times' s website was still inaccessible for many users, prompting the newspaper to also publish stories to an alternate website.

Twitter said it also had dealt with problems with its system, although Twitter users continued to report some problems seeing images, such as profile pictures, on the site Wednesday morning.

(c) 2013, The Washington Post.