Syrian Electronic Army Says Attack on New York Times Is Over
The website of the New York Times entered its second day of less than full availability to its readers following an attack by an outside party on its Internet domain name registration record.
The attack coincided with a similar one against Twitter, in which domain records both of the main Twitter site and twimg.com, a domain used for hosting images posted to the service, were briefly redirected to a site controlled by the Syrian Electronic Army.
Twitter confirmed the attack, but its services appeared to be running normally.
The Times, on the other hand, continued to suffer from uneven availability to its readers. Some people would reach the site normally, as I did this morning, while others could not. Via Twitter this morning, the Times advised readers having difficulty reaching its main site to visit a mini-site on nytco.com, the corporate site of the New York Times Company.
If you can't access http://t.co/SzEQTqHIZB, we're also publishing at http://t.co/XFJ9he7Yt0. Links tweeted here go to the latter.
— The New York Times (@nytimes) August 28, 2013
Meanwhile, the Syrian Electronic Army, the group that claimed credit for the incidents, has appeared to stand down from it efforts for now. In messages posted to Twitter moments ago, it said that its “Web site and domain” to which it had tried to redirect the Times’ Web traffic “are now down.” It said it had tried to redirect Times readers to “an anti-war message,” but that its server couldn’t stand up to the load of New York Times-scale traffic. “It was worth the attempt for world peace.”
The @nytimes attack was going to deliver an anti-war message but our server couldn't last for 3 minutes #SEA
— SyrianElectronicArmy (@Official_SEA16) August 28, 2013
Our website and domain are now down, but it was worth the attempt, for #Syria and world peace. #SEA
— SyrianElectronicArmy (@Official_SEA16) August 28, 2013
In a third message, it claimed its attack on Twitter was intended to place the site “in darkness” out of respect for Syrians killed in that country’s two-year-old civil war.
We placed twitter in darkness as a sign of respect for all the dead #Syria-ns due to the lies tweeted it. #TWimg #SEA
— SyrianElectronicArmy (@Official_SEA16) August 28, 2013
The common thread between the attacks on the Times and on Twitter is a domain name registrar called Melbourne IT. This morning, the SEA was claiming credit for an attack on that company’s website, and left a message saying that its server security is very weak. The company has confirmed that it was targeted as part of the attacks on the Times and Twitter.
Melbourne IT website hacked with a brief message | http://t.co/H1KOPgK5xx #SEA #SyrianElectronicArmy
— SyrianElectronicArmy (@Official_SEA16) August 28, 2013
I haven’t been keeping score, but this appears to be the most technologically sophisticated attack by the Syrian Electronic Army so far. Up to now, its efforts have been largely limited to attacking the Twitter feeds of well-known media outlets, including CBS News, the Financial Times, the Guardian, and the satirical newspaper The Onion.
Earlier this month, the group took credit for an attack on the advertising service Outbrain, which allowed it to redirect traffic from inside the website of the Washington Post.
Whenever events in Syria quicken and coverage in Western media outlets turns to the possibility of U.S.-led military action there, as it has in recent days, the SEA has tended to get busy.
The group supports the government of President Bashar al-Assad, but as far as anyone can tell, it isn’t officially affiliated with that government in any meaningful way. But some ties have been identified. Its original domain name was registered by the Syrian Computer Society, but as is often the case in the murky world of cyberwar, the lines can be blurry between groups of skilled, motivated individuals and people actually working on behalf of a government.
Whatever the case is here, if indeed the U.S. and its allies launch air or missile strikes against the Syrian regime, as the administration has been strongly hinting all week, there will be more attacks like this.