In a series of high-profile attacks on media websites, the latest is The New York Times website. It was hacked on Tuesday. As per reports from the newspaper company the site's second major disruption in a month was likely due to hackers. The Syrian Electronic Army is a group of hackers who support President Bashar al-Assad of Syria, which has been linked to similar take-downs of major U.S. media websites and Twitter accounts, later took credit for the hack.
Marc Frons, chief information officer for The New York Times Company, issued a statement at 4:20 p.m. on Tuesday warning employees that the disruption — which appeared to be affecting the Web site well into the evening — was “the result of a malicious external attack.” He advised employees to “be careful when sending e-mail communications until this situation is resolved.”
In an interview, Mr. Frons said the attack was carried out by a group known as “the Syrian Electronic Army, or someone trying very hard to be them.” The group attacked the company’s domain name registrar, Melbourne IT. The Web site first went down after 3 p.m.; once service was restored, the hackers quickly disrupted the site again. Shortly after 6 p.m., Mr. Frons said that “we believe that we are on the road to fixing the problem.”
The New York Times website had a previous outage on Aug. 14, which lasted for two hours and was believed to be a technical problem an unrelated to a cyber attack.
During the outage, the Times was offering its content at a new web address:http://news.nytco.com/. It was tweeting links to its stories from that bare-bones site while it fixes the problems with its main domain.
Shares of the New York Times slipped in extended-hours trading following the news.
The Times said its site was restored shortly after the initial crash, but the hackers quickly disrupted it again. Trying to call up the website rendered varying experiences for readers in different places.
Later during the day, Twitter also experienced some hiccups on its website. A Twitter account that seemingly belongs to SEA showed an image that indicates SEA also attacked Twitter's domain. A Twitter account for the group of hackers called the Syrian Electronic Army asserted that it had attacked the social media website and changed the ownership listing of Twitter's domain name registration. The same account later posted to Twitter that it had also taken over the registrations for the Times website and for the Huffington Post UK domain.
Twitter said that it was investigating the issue. Twitter later issued a status update saying that its Domain Name System (DNS) provider had "experienced an issue in which it appears DNS records for various organizations were modified, including one of Twitter's domains used for image serving, twimg.com." As a result, "Viewing of images and photos was sporadically impacted."
The outage lasted about an hour and a half but was restored by 7:29pm UTC (3:29pm ET), Twitter said.
"No Twitter user information was affected by this incident," Twitter said.
The S.E.A. first emerged in May 2011, during the first Syrian uprisings, when it started attacking a wide array of media outlets and nonprofits and spamming popular Facebook pages like President Obama’s and Oprah Winfrey’s with pro-Assad comments. Their goal, they said, was to offer a pro-government counter narrative to media coverage of Syria.
“In terms of the sophistication of the attack, this is a big deal,” Mr. Frons said. “It’s sort of like breaking into the local savings and loan versus breaking into Fort Knox. A domain registrar should have extremely tight security because they are holding the security to hundreds if not thousands of Web sites.”