The Washington Post’s Web site was disrupted Thursday morning by a hacker group sympathetic to Syrian President Bashar al-Assad that apparently launched a coordinated wave of attacks on American news outlets.
A group calling itself the Syrian Electronic Army briefly infiltrated The Post’s Web site and redirected readers of some stories to the SEA’s site. The organization supports Assad, who has led a long, bloody campaign to crush a rebellion in Syria.
The intrusion lasted for about 30 minutes and affected a number of foreign-news stories. “We’ve taken defensive measures, and at this time there are no other issues affecting the site,” said Emilio Garcia-Ruiz, The Post’s managing editor-digital.
The hacking follows a “phishing” attack by an unidentified source earlier this week aimed at securing the passwords and log-in information of e-mail accounts maintained by Washington Post journalists. The source of the attack sent e-mails to Post mailboxes that appeared to emanate from Post colleagues; the e-mails directed recipients to click a link and provide log-in data. That information could then be used by an outside source to gain unauthorized access to a computer network.
Post officials believe the Syrian Electronic Army was also the source of the phishing scam.
In a tweet sent Thursday morning, the SEA claimed that it hacked the Web sites of The Post, CNN and Time magazine “in one strike.” The tweet indicated that The Post’s site was hacked through Outbrain, an ad network The Post uses.
Outbrain acknowledged a problem with its network Thursday. “Our team is working to get our system secure & up shortly. Apologize for any inconvenience,” the company said in a tweet.
In the past, the Syrian Electronic Army has successfully cracked administrative passwords or used phishing scams to steal usernames and passwords, said Chester Wisniewski, a senior adviser for Sophos, a security software vendor. Targeting Outbrain, Wisniewski said, may suggest that the group is undertaking more sophisticated attacks.
Directing an attack at a network with a wide reach, such as Outbrain, is an efficient way for hackers to target several sites at once, said Wisniewski.
“If I’m looking to hack sites, if I can get into a network like Outbrain, it’s probably easier than serially breaking into The Washington Post, CNN and other sites,” Wisniewski said. Other hackers, he said, have targeted ad networks to deliver malware to thousands of sites simultaneously.
Since 2011, SEA has claimed credit for infiltrating the social media networks of several prominent media and human-rights organizations including National Public Radio, Al-Jazeera and Human Rights Watch. This week, the group claimed it had successfully infiltrated SocialFlow, a company that helps users send automatic updates to their social networking accounts.
In April, the group took credit for breaking into the Twitter account of the Associated Press to send a false report that a bomb had gone off in the White House. The message sent the stock market into a panic, causing the Dow Jones industrial average to lose more than 100 points within two minutes.
Little is known about its individual members of the SEA, which is politically aligned with Assad’s regime but has never been directly linked to the Syrian government. The group typically targets media sites and social networks to spread its political message, said Scott Hazdra, principal security consultant for the Neohapsis security firm.
“Their reported goal is to bring attention to events that are happening in Syria. To that end I think they’ve been largely successful,” he said.
Hazda said that the group is likely small, comprising mainly college-age people and doesn’t appear to have a single geographic base. No one has ever been arrested in connection with being a member of the group, he said.
Last year, The Washington Post and the New York Times reported that hackers — likely based in China — had targeted and infiltrated their internal computer systems to gather information on the companies and the activities of reporters. In that attack on the Post, sensitive administration passwords were compromised, giving the hackers access to a wide range of company systems.
At the time, the Chinese Defense Ministry denied that the Chinese military had any involvement in the attacks.
The attacks last year were different than the kind launched by the Syrian Electronic Army on Thursday. Unlike Thursday’s attack, the perpetrators of the earlier intrusion attempted not to draw attention to themselves.
The SEA, conversely, goes for flashy vandalization rather than the quiet data collection that The Post and the Times faced last year. In Thursday’s hack, readers were redirected to the group’s home page, which is in Arabic
.
.
No comments:
Post a Comment