The New York Times' website is starting to be restored for many readers late Wednesday morning more than 20 hours after being hacked by what appears to be the Syrian Electronic Army.
The situation is close to being fully resolved said Times spokeswoman Eileen M. Murphy in a statement.
The SEA a group of hackers who support Syrian President Bashar Assad claimed responsibility online and said it also hacked Twitter's sites. The hackers seem to have gained access to the sites of the Times and Twitter through Melbourne IT an Australian company that specializes in website domain name registration.
The Times said Tuesday its website crashed at about 3 p.m. ET following an online attack on Melbourne IT which is the vendor for the domain name the Times uses to host its content online.
Wednesday's problems with the Times' site are not a new attack and the site remained down throughout early Wednesday morning. There is no new outage this morning Murphy said.
If someone is still having trouble accessing the site it is most likely the result of their Internet service provider not having yet restored the proper domain name system (DNS) records she said. ISPs such as Verizon or Time Warner Cable sell high speed access to the web and DNS records include the crucial computer code that identifies particular websites.
The news organization was sending its news feed through another site as of Wednesday morning http //news.nytco.com.
It is the second failure of the Times' site in two weeks. It went dark on Aug. 14 due to what the publication said then was an internal problem not the result of hacking.
Marc Frons chief information officer for The New York Times Co. didn't directly blame the Syrian Electronic Army. But he told New York Times staffers in a memo Tuesday that it appears to be the work of the SEA or someone trying very hard to be them according to a report by the New York Times.
He also advised the staff to be careful when sending e mail communications until this situation is resolved.
Huffington Post and Twitter also confirmed their websites were affected by the DNS attacks. For Twitter the Tuesday attack on its website used for images resulted in users having trouble viewing photos. A Twitter account that seemingly belongs to SEA showed an image that indicates SEA also attacked Twitter's domain.
Corporate websites' domain name system (DNS) which assigns the site's domain names and indexes them on designated servers remains particularly vulnerable to hacker attacks said Gunter Ollmann chief technology officer of Internet security firm IOActive. It's a very complex equation he said. There are soft points.
Media websites also are becoming increasingly complex and vulnerable as they integrate more software and content from partners including third party vendors widget developers and advertising networks.
A day after the Times' Aug. 14 crash the SEA also took down the websites of The Washington Post CNN and Time. The companies said SEA hacked the Internet service of Outbrain a content recommendation company whose software widget is embedded in their websites.
Such attacks underscore the vulnerability of electronic links and communication that now underpin much of the information flow in the U.S. But targeting media sites brings more attention for hackers Ollmann said. If the website of GE or The New York Times went down which is going to generate more attention
Melbourne IT blamed one of its resellers for the security breach according to its statement that appeared on technology news site TechCrunch.
The hackers gained access to the reseller's account on Melbourne IT's systems. And the DNS records of several domain names on that reseller's account including NYTimes.com were changed it said.
Melbourne IT said it restored the affected DNS records back to their previous settings and took measures to prevent further changes.
We are currently reviewing our logs to see if we can obtain information on the identity of the party that has used the reseller credentials and we will share this information with the reseller and any relevant law enforcement bodies it said.
Registrars really need to run a tighter ship said Paul Ferguson vice president of network monitoring firm Threat Intelligence. This seems to continually happen and each time it further erodes trust in the entire system.
Contributing Byron Acohido
{ 0 comments... Views All / Send Comment! }
Post a Comment