Quantcast
Latest Stories

NY Times site inaccessible, Twitter problems also



AFP FILE PHOTO

SAN JOSE, California— Readers who tried to click on the New York Times’ website got nothing but error messages for several hours Tuesday during the site’s second major disruption this month, and people also had trouble accessing Twitter. A hacker group calling itself the “Syrian Electronic Army” claimed responsibility.

Within minutes of the attack, the New York Times quickly set up alternative websites, posting stories about chemical attacks in Syria. “Not Easy to Hide a Chemical Attack, Experts Say,” was the headline of one. The service was restored early Wednesday.

“Our Web site was unavailable to users in the United States for a time on Tuesday,” the newspaper said in a post on its website. “The disruption was the result of an external attack on our domain name registrar, and we are at work on fully restoring service. We regret if this has caused you any inconvenience.”

The cyberattacks come at a time when the Obama administration is trying to bolster its case for possible military action against Syria, where the administration says President Bashar Assad’s government is responsible for a deadly chemical attack on civilians. Assad denies the claim.

“Media is going down …” warned the Syrian Electronic Army in a Twitter message before the websites stopped working, adding that it also had taken over Twitter and the Huffington Post U.K.

Times spokeswoman Eileen Murphy said the disruption was caused by a “malicious external attack” that affected its website and email, while Twitter spokesman Jim Prosser said the viewing of images and photos was sporadically affected. Huffington Post U.K. did not respond to requests for comment.

Both Twitter and the Times said they were resolving the attack, which actually hit an Australian company that registered their domain names, Melbourne IT.

Theo Hnarakis, chief executive of Melbourne IT, a technology services and web hosting company, said the hackers entered the New York Times’ domain using the correct user name and password.

“They came in through the front door,” Hnarakis told Australian Broadcasting Corp. radio on Wednesday. “If you’ve got a valid user name and password … the assumption from our systems is that you are the authorized owner and user of that domain name.”

The hacker “put some information on there that brought those websites down and we’re currently investigating,” he added.

Hnarakis also told ABC that the hackers targeted Twitter and Huffington Post domains, but they were protected by optional security systems added to their accounts. Hnarakis did not immediately return a call for comment.

Once Melbourne IT was notified, the company restored the affected DNS records to their previous values and locked the affected records from any further changes, company spokesman Tony Smith said earlier. It also changed the reseller’s credentials so no further changes could be made.

“We are currently reviewing our logs to see if we can obtain information on the identity of the party that has used the reseller credentials, and we will share this information with the reseller and any relevant law enforcement bodies,” Smith said in an email.

“We will also review additional layers of security that we can add to our reseller accounts,” he added.

Tracking the hack even further, computer forensics from security firm Renesys Corp. traced the Internet protocol addresses back to the same ones as the Syrian Electronic Army’s website sea.sy, which the firm said has been hosted out of Russia since June.

A Syrian Electronic Army activist confirmed to The Associated Press that the group hijacked the Times’ and Twitter’s domains by targeting Melbourne IT.

“I can’t say how, but yes we did hit Melbourne IT,” the hacker said in an email. No further details were disclosed.

The Syrian Electronic Army has, in recent months, taken credit for Web attacks on media targets that it sees as sympathetic to Syria’s rebels, including prior attacks at the New York Times, along with the Washington Post, Agence France-Press, 60 Minutes, CBS News, National Public Radio, The Associated Press, Al-Jazeera English and the BBC.

FBI spokeswoman Jenny Shearer in Washington said the agency has no comment on Tuesday’s attack.

Tuesday’s victims were hit by a technique known as “DNS hijacking,” according to Robert Masse, president of Montreal, Canada-based security startup Swift Identity.

The technique works by tampering with domain name servers that translate easy-to-remember names like “nytimes.com” into the numerical Internet Protocol addresses (such as “170.149.168.130″) that computers use to route data across the Internet.

Domain name servers work as the Web’s phone books, and if attackers gains access to one, they can funnel users trying to access sites like The New York Times or Twitter to whichever rogue server they please. Masse said DNS attacks are popular because they bypass a website’s security to attack the very architecture of the Internet itself.

“Companies spend a lot of time, money, resources and defending their servers, but they forget about auxiliary infrastructure that is integrally connected to their networks, like DNS.”

Cybersecurity experts said hijacking attacks are preventable if website administrators are meticulous about what code they bring into their sites.

“As this incident illustrates, any time you integrate third-party code into your site, it presents a new attack vector for hackers. You must not only ensure your own code is secure, but you must also rely upon third parties’ security practices,” said Aaron Titus, a privacy officer and attorney at New York-based privacy software firm Identity Finder.

Michael Fey, a chief technology officer at Santa Clara, California-based cybersecurity firm McAfee, said that as long as media organizations play a critical role as influencers and critics, they will continue to be targets of cyberattacks.

He said the battle tactics are broad, from denial of service attacks, to targeted attacks using social engineering and to deploying information-gathering Trojans.

“Regardless of technology or tactics deployed, we should expect to see more of these attacks,” he said.


Follow us on Facebook Follow on Twitter Follow on Twitter




Recent Stories:

Filipinos second-shortest in Southeast Asia 6 mins elapsed Ex-COA chief and co-accused in Arroyo plunder case nabbed 2 hours elapsed Kris Aquino’s ex- close in security named new Air Force chief 2 hours elapsed The ‘link diagram’ that killed ex-Bataan police officer 2 hours elapsed Cebu has hair of John Paul II and piece of John XXIII’s skin 2 hours elapsed LTRFB denies Victory Liner appeal 2 hours elapsed NLEX holds off Jumbo Plastic for a playoff berth 2 hours elapsed Tagle to Napoles: Be honest and return the money 3 hours elapsed
Complete stories on our Digital Edition newsstand for tablets, netbooks and mobile phones; 14-issue free trial. About to step out? Get breaking alerts on your mobile.phone. Text ON INQ BREAKING to 4467, for Globe, Smart and Sun subscribers in the Philippines.

Tags: Cyber attack , hacking , New York Times , News , technology , Twitter



Copyright © 2014,
.
To subscribe to the Philippine Daily Inquirer newspaper in the Philippines, call +63 2 896-6000 for Metro Manila and Metro Cebu or email your subscription request here.
Factual errors? Contact the Philippine Daily Inquirer's day desk. Believe this article violates journalistic ethics? Contact the Inquirer's Reader's Advocate. Or write The Readers' Advocate:
c/o Philippine Daily Inquirer Chino Roces Avenue corner Yague and Mascardo Streets, Makati City, Metro Manila, Philippines Or fax nos. +63 2 8974793 to 94
Advertisement Advertisement
  1. Mark Caguioa lambasts Ginebra teammates on Twitter
  2. ‘Unlimited’ Internet promos not really limitless; lawmakers call for probe
  3. No truth to viral no-visa ‘chronicles’
  4. Nokia to be named Microsoft Mobile
  5. Senator wants to probe PH slow Internet connection
  6. Bam Aquino becomes Master Splinter’s son after Wiki hack
  7. Viber releases new design for iPhone, comes to Blackberry 10 for the first time
  8. New York police Twitter campaign backfires badly
  9. PH has slowest internet in Southeast Asia
  10. Did Deniece Cornejo lambast Vhong Navarro on social media?
  1. PH has slowest internet in Southeast Asia
  2. Mark Caguioa lambasts Ginebra teammates on Twitter
  3. Netizens seethe over Aquino’s ‘sacrifice’ message
  4. Did Deniece Cornejo lambast Vhong Navarro on social media?
  5. Senator wants to probe PH slow Internet connection
  6. Facebook rolls out ‘nearby friends’ feature
  7. Nasa’s moon-orbiting robot crashes down
  8. Judge in Apple v. Samsung patent trial fed up with smart phones in court
  9. Mommy Dionisia sings ‘Riking Bull,’sends netizens ablaze
  10. Nokia to be named Microsoft Mobile
  1. #RejectedBbPilipinas2014Questions flood Twitter
  2. Did Deniece Cornejo lambast Vhong Navarro on social media?
  3. Netizens fall in love with Crimea prosecutor Natalia Poklonskaya
  4. Mommy Dionisia Pacquiao scores, takes over social media
  5. Nude and so dangerous
  6. Mommy Dionisia sings ‘Riking Bull,’sends netizens ablaze
  7. Russia tries to curb Crimean prosecutor’s Internet fame
  8. Memes flourish after Pacquiao victory
  9. PH has slowest internet in Southeast Asia
  10. Netizens thank Capa for Lee arrest

News

  • Ex-COA chief and co-accused in Arroyo plunder case nabbed
  • Kris Aquino’s ex- close in security named new Air Force chief
  • The ‘link diagram’ that killed ex-Bataan police officer
  • Cebu has hair of John Paul II and piece of John XXIII’s skin
  • LTRFB denies Victory Liner appeal
  • Sports

  • NLEX holds off Jumbo Plastic for a playoff berth
  • Pacquiao can dodge tax issues
  • F1 boss Bernie Ecclestone rejects bribery charges
  • Big Chill freezes Cafe France to arrest skid
  • Pacquiao has to go through PBA Rookie draft
  • Lifestyle

  • Gongs and southern dances star in a workshop at San Francisco Bayanihan Center
  • This woman ate what?
  • Photos explore dynamics of youths’ sexual identity
  • 12th Philippine Food Expo set at the World Trade Center
  • No tourist draw, Malang the croc will remain wild
  • Entertainment

  • Smithsonian wants photos, videos for ‘Day in the Life of Asian Pacific Americans’
  • What Garcia Marquez left behind
  • Has Ai Ai fallen deeply with ‘sireno?’
  • Sony developing live-action Barbie comedy
  • California court won’t review Jackson doctor case
  • Business

  • Metro Pacific acquires stake in Victorias
  • How ‘one percent’ economic elite was uncovered
  • Facebook profits triple as mobile soars
  • Insular Honors Sales Performers at Testimonial Rites
  • Apple increases stock buyback, will split stock
  • Technology

  • Enrile in Masters of the Universe, Lord of the Rings?
  • Top Traits of Digital Marketers
  • No truth to viral no-visa ‘chronicles’
  • ‘Unlimited’ Internet promos not really limitless; lawmakers call for probe
  • Viber releases new design for iPhone, comes to Blackberry 10 for the first time
  • Opinion

  • Editorial cartoon, April 24, 2014
  • Talking to Janet
  • Respite
  • Bucket list
  • JPII in 1981: walking a tightrope
  • Global Nation

  • Filipinos second-shortest in Southeast Asia
  • Obama to visit Filipino soldiers in Fort Bonifacio
  • Fil-Am youth conferences unite under one theme
  • Embassy advisory: Filipinos still need visas to enter US
  • No travel restriction to Mideast, DFA clarifies
  • Advertisement
    Marketplace