New York Times, Twitter, Huffington Post fall afoul of DNS hacks

Cyberattacks on high-profile targets result in widespread media coverage, and the salvo against Twitter, the Huffington Post and the New York Times are no exception.

In the most damaging attack so far recorded, the Syrian Electronic Army (SEA) -- a support group for Syrian president Bashar al-Assad -- attacked these outlets on Tuesday, altering website domain name servers (DNS) to make content inaccessible.

Access to the DNS records was possible once the SEA breached the defenses of Melbourne IT, which hosts these websites. DNS records point a visitor to a particular webpage, and by altering the record, visitors can be pointed towards a different address. For example, "nytimes.com" can be changed to point to an SEA-controlled address.

The New York Times issued a statement which reads:

"The New York Times Web site was unavailable to readers on Tuesday afternoon following an attack on the company’s domain name registrar, Melbourne IT. The attack also required employees of The Times to stop sending out sensitive e-mails."

As a result of the security breach, Melbourne IT is looking at ways to improve its security framework.

At the time of writing, the NYT is still inaccessible, although the SEA tweeted that the group is not responsible, and they are "done with the attack." Twitter remained online but experienced disruption. In a statement, the microblogging platform said that "no Twitter user information was affected by this incident."

To explain why Twitter was targeted, the SEA said: "We placed twitter in darkness as a sign of respect for all the dead #Syria-ns due to the lies tweeted [on] it."

The Huffington Post's DNS records were also changed, but now normal service has resumed.

The cyberattack is the latest in a string of hacks that have impacted firms including the Financial Times, Washington Post, CNN and BBC.

Via: The Next Web

Image credit: ZDNet

This post was originally published on Smartplanet.com