The Syrian Electronic Army, a pro-Assad hacking group, successfully compromised some large media sites yesterday by attacking Twitter, The New York Times, and Huffington Post UK.
It was able to do this by interfering with these sites’ domain name systems (DNS), altering high-level details about how people access these web pages.
It began in Australia at a company called Melbourne IT, which handles the New York Times’ Web hosting. The SEA used phishing tactics (which usually means tricking someone to type in a password and capturing it as it’s typed) in order to break in.
Once inside, the hackers knocked the Times offline by reassigning its DNS information. DNS is best understood as the phone book of the Internet — when you type “newyorktimes.com” into your URL bar and press enter, DNS turns this into a query of the server at the appropriate IP address. It’s much easier to remember “New York Times” than it is to remember “188.8.131.52,” for example.
By severing the NYT’s connection to DNS, the only way anyone could actually access the site was by typing in the IP address, and this is just not information people care to remember. Since everyone types out the DNS-enabled URL — newyorktimes.com — and because the hackers had total control of the DNS settings, they were able to reroute anyone attempting to access the site to a different web page of their own choosing.
In fact, some people who tried to access the Times’ site yesterday were redirected to this image instead:
Twitter was compromised as well, though it remained online and operational while the “viewing of images and photos was sporadically impacted.” Again, the source of the trouble was the Syrian Electronic Army fiddling with DNS. Although repairs have begun to normalize everything, image problems still persist across Twitter for some users, with the occasional blank user avatar and the blank picture attached to tweets.
If this is the first time you’ve heard of the SEA, it isn’t some brand-new organisation. The group’s been active since 2011 and hasn’t been afraid to cause all kinds of big-time trouble since then. This is just the group’s most recent display of its capabilities.