A Syrian hacker group has claimed responsibility for disrupting and halting U.S. based websites, including the New York Times.
This comes as no surprise after threats by United States President Barack Obama to attack Syria. News reports had mentioned that the stealth bomber was one option that the U.S. military would have taken against Syrian President Bashar al- Asaad, who had launched chemical attack on Syria’s civilians. This is the second time that the New York Times Web site has been hacked in August. The recent attack came from a pro-Syrian group known as the Syrian Electronic Army.
At 3:17am, New York Time, the Eyewitness News Web site of WABC-TV reported that the New York Times is reporting that its website has been hacked. The VP of Corporate Communications tweeted that the disruption was due to malicious activity from an external source. The Times said it was on resolving the problem. As soon as the source of the attack was known, the New York Times set up alternate Web sites to rebut with articles on the chemical attacks in Syria; One headline read, "Not Easy to Hide a Chemical Attack, Experts Say."
MIT Technology Review’s Tom Simonite’s gave his analysis of the cyberspace disruption saying, “The Syrian Electronic Army (SEA) has made high profile attacks in the past, taking over the Twitter accounts of the Associated Press and The Onion, and redirecting visitors to the Washington Post. But the timing of today’s attack shows how an Internet gadfly like the SEA can punch far above its weight,” the ITWire.com reported. Simonite added, “President Obama’s decision about whether to use force in Syria won’t hang on the actions of the SEA, but the group can hardly be ignored altogether. By bringing down high profile US web sites the SEA can surely affect how the US response is perceived, both domestically and overseas. In the event of a US strike against Syria in the coming days, a second wave of successful attacks against American websites in response could even be embarrassing to Obama.”
Melbourne IT, the domain firm hosts some of the biggest names in the business like Microsoft and Yahoo and the security breach could have been disastrous. "This could've been one of the biggest attacks we've ever seen, if they were more subtle and more efficient about it," said Rapid7’s chief research officer at HD Moore, a cyber security firm.
The SEA has previously packed the U.K.’s Guardian, the Washington Post, and the Associated Press. The current attack affected The Huffington Post and Twitter as well.
The SEA was able to take down the Web sites by manipulating its domain names with the hosting firm, Melbourne IT in Australia, according to The Washington Post.
Alien Vault’s researcher Jaime Blasco noted, "They (SEA) don't seem to be interested in infecting end users, which is a good thing." Hackers who successfully break into MelbourneIT's systems could potentially redirect and intercept emails sent to addresses under certain domains, researchers said. And users of sites that don't begin with "https" could have been fooled into entering passwords that could have been captured.”
Media firms ignored hackers until 2011. These hacks are preventable if nothing is downloaded from the Net, say experts: "As this incident illustrates, any time you integrate third-party code into your site, it presents a new attack vector for hackers. You must not only ensure your own code is secure, but you must also rely upon third parties' security practices," said a privacy officer and attorney Aaron Titus, Identity Finder in an Associated Press report. Santa Clara, Calif.-based based security firm, McAffee said that cyber attacks are expected as long as there are media organizations playing a leading role as critics and commentators on the Internet, Business Week reports.
The head of technology at Intel Corp's McAfee security division Michael Fey at McAfee security division described the incident by saying, "They changed just a few sites, but if they had actually gone all out, they could've had most of the Internet watching them run the show."
Timeline of SEA Hacks (Source: Wikepedia)
To contact the editor, e-mail: