Skip to main content

The Globe and Mail

‘Spooky’ attack on N.Y. Times latest battle in media's war with hackers

MelbourneIT, an Australian Internet service provider that sells and manages domain names including and NYTimes, said on Tuesday the credentials of a reseller had been used improperly to change domain settings and hack into sites including the

Joel Boh/Reuters

Media outlets are waging an increasingly fierce battle against malicious, potentially politically motivated computer attacks that threaten to disseminate false reports and disrupt their ability to publish the news.

The websites of several media companies, including The New York Times and The Huffington Post, were compromised on Tuesday after hackers gained access to an Australian Internet company that managed their websites' domain addresses.

The Syrian Electronic Army, a collective of anonymous hackers described as supporting Syrian President Bashar al-Assad, took credit for the attacks in a series of tweets.

Story continues below advertisement

"The @nytimes attack was going to deliver an anti-war message but our server couldn't last for 3 minutes," the group posted to Twitter on Wednesday morning.

The hacking incidents come as western governments consider a military response in Syria following evidence of chemical attacks.

The Syrian Electronic Army claims that Arab and western media have presented a biased view of the country's civil war. It previously compromised news organizations including the Financial Times, The Washington Post, the Associated Press, the BBC and Al Jazeera.

During the attack on The New York Times, visitors to the news site were redirected to a wrong domain. The disruption started just after 3 p.m. on Tuesday and was not restored for many readers until Wednesday morning. The site remained accessible to some readers throughout the outage.

The New York Times reported that the group had attacked the company's domain name registrar, Melbourne IT. Once service was restored, the hackers quickly disrupted the site again, the newspaper group reported.

It alerted users to its "technical difficulties" via Twitter and continued to report the news. It posted a link on its Twitter account to a report on Syria published on a different site.

"This was a very spooky attack," Matthew Prince, chief executive of technology security firm CloudFare, wrote in a blog post about Tuesday's hacks.

Story continues below advertisement

"The hack also illustrates the damage that can be done by redirecting a site's [domain name system]," he added. "DNS forms the heart of the Internet, not just the web. E-mail routing, too, depends on DNS to route messages to the correct server."

In an interview with The New York Times, Marc Frons, chief information officer for the publisher, compared the attack to "breaking into Fort Knox. A domain registrar should have extremely tight security because they are holding the security to hundreds if not thousands of websites."

The Huffington Post attack was limited to the blogging platform's U.K. web address. Twitter was also affected, leading to availability problems for more than an hour, but the social media site said that no user information had been compromised. Twitter said that "viewing of images and photos was sporadically impacted."

This month The Washington Post said its website had been hacked, with readers of some stories redirected to the website of the Syrian Electronic Army. The hacker group said in a tweet that it had gained access to the site through one of its business partners.

The Syrian Electronic Army has hacked into Twitter's domain name records, putting its own e-mail address in place of the company's.

The Financial Times website was hacked in May, when 12 posts entitled "Hacked by the Syrian Electronic Army" appeared on the FT's tech blog, with some FT Twitter feeds also affected.

Story continues below advertisement

In April, it also claimed responsibility for a fake tweet from AP reporting an attack on the White House caused the Dow Jones to fall almost 1 per cent within two minutes.

Report an error

The Globe invites you to share your views. Please stay on topic and be respectful to everyone. For more information on our commenting policies and how our community-based moderation works, please read our Community Guidelines and our Terms and Conditions.

We’ve made some technical updates to our commenting software. If you are experiencing any issues posting comments, simply log out and log back in.

Discussion loading… ✨