Sunday, September 1, 2013

Syrian Electronic Army hits Twitter and New York Times

    1. Slate Magazine (blog) ‎- by Will Oremus ‎- 2 days ago
      The hack that took down the New York Times homepage on ... from the murkiness surrounding the hacker group, about which not a lot is known ...
    1. BreakingNews.ie‎ - 3 days ago
  1. New York Times, Twitter hacked by Syrian group - Yahoo! News

    news.yahoo.com/york-times-twitter-hacked-syrian-group-020449352.html
    4 days ago - The Syrian Electronic Army (SEA), a hacker group that has attacked media organizations it ... Syrian hackers: We shut down NY Times site.
  2. Syrian Hacker Collective Knocks Out the New York Times | FP ...

    blog.foreignpolicy.com/.../syrian_hacker_collective_knocks_out_new_y...
    4 days ago - Syrian Hacker Collective Knocks Out the New York Times ... On Tuesday, the group appeared to hit the New York Times' website and managed ...
  3. Syrian Electronic Army Suspected In Web Attack On New York Times...

    www.businessinsider.com/twitter-syrian-electronic-army-2013-8
    4 days ago - How the New York Times web site looked during the hack. The Syrian Electronic Army (SEA), a Pro-Assad regime hacker group, claims it gained ... The newspaper said the site went down after an attack on the company's ...
     

    How the Syrian Electronic Army Hit Both Twitter and the New York Times

    SEA NY Times hack
    Screenshot / NYTimes.com

    UPDATE, Tuesday, Aug. 27, 10:09 p.m.: Once again, it turns out that the Syrian Electronic Army infiltrated its major U.S. media targets indirectly, by compromising a related third party.
    The hack that took down the New York Times homepage on Tuesday afternoon and knocked out embedded images on Twitter was the result of a phishing attack on an Australian Web-hosting firm, Melbourne IT, the firm confirmed Tuesday evening. From the Australian Financial Review:
    A spokesman for the Melbourne-based company said the login credentials of a reseller for the company had been compromised, allowing attackers to access servers and change key details that direct users to the correct websites.
    The New York Times’ own story on the hack also identifies the direct target as Melbourne IT, which both the Times and Twitter apparently use as their domain-name registrar. The Times’ chief information officer, Marc Frons, affirmed—slightly cryptically—that the culprit was “the Syrian Electronic Army or someone trying very hard to be them.” Twitter did not mention Melbourne IT or the SEA by name, but issued a statement acknowledging that DNS records had been modified for twimg.com, one of the domains Twitter uses to display images.
    The note of uncertainty in Frons’ statement about the SEA stems from the murkiness surrounding the hacker group, about which not a lot is known except that it appears to vociferously support the regime of Bashar al-Assad. Whether it does any good on behalf of that regime is unclear. The Washington Post’s Max Fisher suggests that the group’s actions make “a lot more sense if you think of them as pranksters who also happen to love Assad than as state-aligned hackers in pursuit of concrete goals.” On the other hand, the Times notes that Syrian rebels and some security experts take the group far more seriously, viewing it as “the outward-facing campaign of a much quieter surveillance campaign focused on Syrian dissidents.”
    Either way, it’s clear that the group’s attacks on U.S. media organizations are growing more sophisticated, if still not particularly damaging. Major domain-name registrars like Melbourne IT are supposed to maintain tight security. But the SEA has demonstrated once again the power of carefully crafted phishing attacks—schemes that involve tricking an organization’s individual employees into downloading malware or giving out sensitive information. That’s the same approach the hacker group has used in the past to gain control of the Twitter accounts of major media organizations, including the Associated Press. (I wrote in more detail about the AP phishing attack here.)
    Melbourne IT ranks as the world’s sixth-largest ICANN domain registrar, responsible for some 2.5 million domains, according to webhosting.info. By far the largest is U.S.-based Go Daddy, with over 25 million.
    Original post, Tuesday, Aug. 27, 5:59 p.m.: Two weeks ago, I wrote that the hackers in the Syrian Electronic Army were getting the upper hand on U.S. media outlets. Today, if initial reports are correct, they appear to have stepped up their game another notch.
    The homepage of the New York Times went down Tuesday afternoon, and a spokeswoman for the paper reported that the outage was "most likely" the result of a "malicious external attack." Whether it was in fact the work of the Syrian Electronic Army was not immediately clear, but at least one security researcher reported that the Times’ domain name server appeared to be pointing to a Syrian Electronic Army domain. Meanwhile, the Times continued to publish stories using a workaround, directing readers to its naked IP address—http://170.149.168.130/ —rather than to www.nytimes.com.
    Meanwhile, the SEA is claiming that it has hacked Twitter itself:
    You might notice that the images in the tweet above are broken. Whether that’s part of the SEA’s Twitter hack is also not clear, but it seems plausible—Twitter was rife with broken images Tuesday afternoon. The link in the tweet points to a “WhoIs” site, which keeps records the owners of various Web addresses. As of 5:45 p.m. on Wednesday, the site was showing the administrator name for Twitter.com as “SEA SEA,” with an email address of sea@sea.sy.
    Circa’s Anthony De Rosa found what could be a link between the two hacks:
    And at around 5:45 p.m., the SEA issued a new tweet suggesting that the Huffington Post’s U.K. site might be compromised as well:
    The story is still developing. The bottom line, for now: The SEA is continuing to make good on its threat to retaliate for Twitter’s takedown of its account, but it still has not accomplished anything particularly substantive in the way of damaging critical U.S. websites or getting its message out to the public. Yet.
    end quote from:

    How the Syrian Electronic Army Hit Both Twitter and the New York Times

    Because Assad thought the punishment from the U.S. military was going to come this weekend the "Syrian Electronic Army" hit the New York Times and Twitter online. It is possible such attacks will continue as our military prepares to strike Syria in the future. If this sort of thing is going to happen even before we do anything at all what can we expect to happen if we actually do something? The world is a much smaller more intimate place than when wars used to be fought in the past.

    Attacks like this on the U.S. make it much more likely that Congress will feel the need to create an attack on Syria and Assad just to save face.

    However, in some ways no matter what happens the mess in the middle east is likely to get worse over the next 5 years and infect the rest of the middle east as well as most of the world. I don't see another way at this point. Of course, God always has miracles that I don't always see coming but I'm grateful for them when they happen.


     

No comments: