Visitors to the New York Times, Twitter and the Huffington Post on Tuesday could either not access the sites, or were redirected to a page bearing the Syrian Electronic Army (SEA) logo.
According to Reuters, the SEA accomplished the hacks by breaching an Australian Internet company, Melbourne IT, which the affected publications, as well as giants such as Yahoo and Google, use as a domain registrar.
The attacks allowed the SEA to redirect visitors to the affected sites to a server that it controlled. However, researchers say the attackers could have also had the ability to redirect e-mails, as well as Web and other traffic from the compromised Web sites.
New York Times Company CIO Marc Frons issued a statement advising staff "to be careful when sending e-mail communications" until the situation was resolved.
Significantly more skill
Frons added that these latest attacks required "significantly more skill" than the slew of SEA attacks committed earlier in the year.
"In terms of the sophistication of the attack, this is a big deal. It's sort of like breaking into the local savings and loan versus breaking into Fort Knox. A domain registrar should have extremely tight security, because they are holding the security to hundreds if not thousands of Web sites."
The SEA claimed responsibility, posting on Twitter yesterday afternoon that it had hacked the administrative contact information for the micro-blogging site's domain name registry records.
Twitter posted that its DNS provider "experienced an issue in which it appears DNS records for various organisations were modified, including one of Twitter's domains used for image serving, twimg.com. Viewing of images and photos was sporadically impacted."
However, the original domain record for twimg.com was restored, and Twitter said no user information was affected by this incident.
Stepping up attacks
The three are the latest victims in a long string of hacking attacks for which the SEA has claimed responsibility.
Last week, ITWeb reported that the Washington Post had succumbed to attack, and had its readers redirected to the SEA's Web site.
The hacking group has favoured media sites and social networks as targets, and to date, its victims include the BBC, The Associated Press, France 24 TV, The Daily Telegraph, The Financial Times and Al Jazeera.
Little is known about the SEA, but it first reared its head in May 2011 during the initial Syrian uprisings. It stated at the time that it was not officially allied with the government, and instead its members were a group of young patriots who decided to focus their technology skills to attack enemies of the Syrian government and anyone who spread "lies" about the country's civil war.
It is widely believed the group supports president Bashar al-Assad of Syria, although no direct links to the group and the Syrian government have been found, and no arrests have been made in connection with the group's activities.
The group has consistently denied ties to the government, an assertion belied by Assad's speech in 2011, where he referred to the group as "a real army in a virtual reality".
Share
