+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

How The Syrian Electronic Army Hacked Twitter, Huffington Post, And The New York Times Yesterday

Aug 28, 2013, 21:23 IST

Daniel Goodman / Business InsiderThe Syrian Electronic Army, a pro-Assad hacking group, successfully compromised some large media sites yesterday by attacking Twitter, The New York Times, and Huffington Post UK.

Advertisement

It was able to do this by interfering with these sites' domain name systems (DNS), altering high-level details about how people access these web pages.

It began in Australia at a company called Melbourne IT, which handles the New York Times' Web hosting. The SEA used phishing tactics (which usually means tricking someone to type in a password and capturing it as it's typed) in order to break in.

Once inside, the hackers knocked the Times offline by reassigning its DNS information. DNS is best understood as the phone book of the Internet – when you type "newyorktimes.com" into your URL bar and press enter, DNS turns this into a query of the server at the appropriate IP address. It's much easier to remember "New York Times" than it is to remember "170.149.168.130," for example.

By severing the NYT's connection to DNS, the only way anyone could actually access the site was by typing in the IP address, and this is just not information people care to remember. Since everyone types out the DNS-enabled URL – newyorktimes.com – and because the hackers had total control of the DNS settings, they were able to reroute anyone attempting to access the site to a different web page of their own choosing.

Advertisement

In fact, some people who tried to access the Times' site yesterday were redirected to this image instead:

ScreenshotTwitter was compromised as well, though it remained online and operational while the "viewing of images and photos was sporadically impacted." Again, the source of the trouble was the Syrian Electronic Army fiddling with DNS. Although repairs have begun to normalize everything, image problems still persist across Twitter for some users, with the occasional blank user avatar and the blank picture attached to tweets.

If this is the first time you've heard of the SEA, it isn't some brand-new organization. The group's been active since 2011 and hasn't been afraid to cause all kinds of big-time trouble since then. This is just the group's most recent display of its capabilities.

You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article