Both Twitter and the New York Times suffered serious site issues following an attack by hackers claiming to represent a group called the Syrian Electronic Army.
The first to fall was the New York Times website as users began reporting difficulties accessing the site and some reporting they were being redirected to a Syrian web domain when they tried to access the NYT website. The company responded, providing a mirror link to a backup of the site that was unaffected by the outage. The issue was not resolved for at least 3 hours.
In a Facebook post, the NY Times explained that the site went offline as a result of an attack on their domain name registrar, Melbourne IT.
Then Twitter began experiencing issues after the Syrian Electronic Army claimed to have gained access to their DNS records and made changes. As a result, a large volume of images were unavailable across Twitter’s platform. The company confirmed the attack on their Twitter Status blog saying their image host URL had been compromised,
“At 20:49 UTC, our DNS provider experienced an issue in which it appears DNS records for various organizations were modified, including one of Twitter’s domains used for image serving, twimg.com. Viewing of images and photos was sporadically impacted. By 22:29 UTC, the original domain record for twimg.com was restored. No Twitter user information was affected by this incident.”
At the time of publication, a large number of images on Twitter are still unavailable.
The hacks are the latest in a spate of high profile attacks in recent times, with the SEA claiming responsibility for a number of major Twitter account hacks including Reuters, the Financial Times, the Guardian and the Associated Press.
However, gaining access to DNS and registration details marks a worrying escalation, with the potential security and privacy implications being much more severe than simply hijacking a Twitter account. If attacks on this scale continue, it poses a massive risk not only to the company involved but to each and every user who visits the affected sites. It’s no longer just site security that might be compromised, it’s personal security.