The technique works by tampering

The technique works by tampering with domain

Readers who tried to click on the New York Times’ website got nothing but error messages Tuesday afternoon in its second major disruption this month, with a group calling itself “The Syrian Electronic Army” claiming responsibility.

Within minutes of the attack, the New York Times announced in a Twitter message that it would continue to publish the news. The site published two reports over two hours on chemical attacks in Syria.

The cause of Tuesday’s service problems at the New York Times was unknown, but the behavior was consistent with a hacking attack that hijacks control of a site from its administrators.

Times officials did not immediately return phone and email messages for comment. In a Twitter message, Times spokeswoman Eileen Murphy said the cause was a “malicious external attack.”

Two weeks ago, the Times’ website suffered an outage that the company blamed on a server problem.

The Syrian Electronic Army has, in recent months, taken credit for Web attacks on media targets that it sees as sympathetic to Syria’s rebels. The SEA claims to have hacked the Washington Post, and Twitter feeds of several news organizations including The Associated Press, Al-Jazeera English and the BBC.
Click on their website www.mileweb.com/security-services for more information.

The group said in a Twitter message Tuesday that it also took over Twitter and Huffington Post U.K.

Twitter spokeswoman Christina Thiry said the company is looking into the claims.

Twitter and The New York Times were both hit by a technique known as “DNS hijacking,” according to Robert Masse, president of Montreal, Canada-based security startup Swift Identity.

The technique works by tampering with domain name servers that translate easy-to-remember names like into the numerical Internet Protocol addresses which computers use to route data across the Internet.

Domain name servers basically work as the Web’s phone books, and if attackers gains access to one, they can funnel users trying to access sites like The New York Times or Twitter to whichever rogue server they please.

Masse said DNS attacks are popular because they bypass a website’s security to attack the very architecture of the Internet itself.

“Companies spend a lot of time, money, resources and defending their servers, but they forget about auxiliary infrastructure that is integrally connected to their networks, like DNS.”

Their spokesman did not immediately respond to comment. Renesys Corp. meanwhile tracked the Internet protocol addresses back to the same ones as the Syrian Electronic Army’s sea.sy which the firm said in a Twitter message has been hosted in Russia since June.

Michael Fey, a chief technology officer at Santa Clara, Calif. based cybersecurity firm McAfee, said Tuesday that as long as media organizations play a critical role as influencers and critics, they will continue to be targets of cyber-attacks.

He said the battle tactics are broad, from denial of service attacks, to targeted attacks using social engineering and to deploying information-gathering Trojans.

“Regardless of technology or tactics deployed, we should expect to see more of these attacks,” he said.

“As this incident illustrates, any time you integrate third party code into your site, it presents a new attack vector for hackers. You must not only ensure your own code is secure, but you must also rely upon third parties’ security practices,” said Aaron Titus, a privacy officer and attorney at New York-based privacy software firm Identity Finder.

Welcome to solar outdoor lights web,double sided tape is best choose! If you love it,Please buy it!

Sponsor Ads

• Ad Space Available - Rent it Now!

Report this Page

Created on Dec 31st 1969 18:00. Viewed 0 times.

Share on APSense

Comments