- News & Events
August 29, 2013
The famous tagline of The New York Times, “All the news that’s fit to print,” was oddly apropos. That’s because only the print version of the paper was available for several hours on August 27th after an online attack on the company’s domain name registrar, Melbourne IT, whose website says it has 350,000 satisfied customers worldwide. Perhaps now they should make that 349,999.
Anyway…this attack was reminiscent of one carried out against washingtonpost.com on August 15th using a third-party service provided by a company called Outbrain.
The first time The Times’ website went down on August 14th, technical problems were said to be the cause. However, this time the outage was attributed to a hacker collective, which calls itself the Syrian Electronic Army (SEA) and supports Syria’s president, Bashar al-Assad.
Christine Haughney and Nicole Perlroth write on nytimes.com that SEA is thought to have attacked the sites or social media accounts of a number of high-profile media organizations. These include: The Financial Times, the Washington Post (as previously mentioned), NPR, Reuters Twitter Feed, BBC Weather Twitter Feed, AP Twitter Feed, Viber and Outbrain.
Security expert Matt Johansen tweeted that when he tried to access The Times’ website, he was directed to a Syrian web domain.
Haughney and Perlroth report “The SEA first emerged in May 2011, during the first Syrian uprisings, when they started attacking a wide array of media outlets and nonprofits and spamming popular Facebook pages like President Obama’s and Oprah Winfrey’s with pro-Assad comments. Their goal, they said, was to offer a pro-government counter narrative to media coverage of Syria.
“The group has consistently denied ties to the government of Mr. Assad and has said it does not target Syrian dissidents, but security researchers and Syrian rebels are not convinced. They say the group is the outward-facing campaign of a much quieter surveillance campaign targeting Syrian dissidents and are quick to point out that Mr. Assad once referred to the SEA as ‘a real army in a virtual reality.’”
The SEA tweeted that it hacked administrative contact information for Twitter’s domain name registry records. And, according to whois.com, a domain lookup service, the SEA was indeed listed on the entries for Twitter’s administrative name, technical name and email address. According to The New York Times, a Twitter spokesman said Twitter is looking into the Syrian Electronic Army’s claim.
Marc Frons, chief information officer for The New York Times Company, noted that the attacks on nytimes.com and Twitter required much more skill than earlier attacks by the group which caused the stock market to tank temporarily when stories were planted that there had been explosions at the White House.
“In terms of the sophistication of the attack, this is a big deal,” said Mr. Frons. “It’s sort of like breaking into the local savings and loan versus breaking into Fort Knox. A domain registrar should have extremely tight security because they are holding the security to hundreds if not thousands of websites.”
ThreatMetrix is the fastest-growing provider of integrated web fraud and cybersecurity solutions. The TrustDefender™ Cybercrime Protection Platform helps companies prevent unauthorized access to web and mobile applications, protect sensitive data, and secure transactions against account takeover, payment fraud, identity spoofing, malware, and data breaches. ThreatMetrix protects more than 1,900 customers and 9,000 websites across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.
To join in the cybersecurity conversation, follow us on Twitter @ThreatMetrix.
Posted by Dan Rampe
Tags: Account Takeover, Account Takeover Fraud, Bank Fraud, Botnets, CNP fraud, Cookieless Device Identification, Cookies, Credit Card Fraud, Cyber attacks, Cyber Warfare, Device Detection, Device Fingerprint, Device Fingerprinting, Device ID, Device Identification, Fraud Prevention, Hacking, Identity Spoofing, Identity theft, Malware, Malware Protection, Man-in-the-Browser Detection, MitB, Mobile fraud, Online Fraud, Phishing, PII, Syrian Electronic Army, ThreatMetrix, ThreatMetrix Cybercrime Index, ThreatMetrix Global Trust Intelligence Network, ThreatMetrix Web Fraud Map, TrustDefender Cybercrime Protection Platform, Web Fraud