The last 24 hours have seen another pair of hacks. This time, the New York Times and - more unusually - Twitter themselves were on the receiving end.
In both cases, the websites’ DNS (domain name system) registration records were hijacked. In simple terms, a DNS is a sort of signpost that points internet traffic in the direction of a specific IP address and associated servers. DNS alterations could potentially be used to redirect traffic to other, perhaps malicious, websites.
When users attempted to visit www.nytimes.com for a period yesterday, the only message that appeared was "Hacked by the SEA", although the newspaper kept publishing articles to the direct IP of their website.
While the Twitter site continued to function as normal, the SEA claimed to have changed domain details, redirecting the social media site's traffic to its own server. Twitter spokesman Jim Prosser confirmed that site technicians were "looking into claims" it had been hacked by the SEA. The DNS details of Huffington Post UK were also affected.
The Syrian Electronic Army - a loosely-organised ‘hacktivist’ collective - immediately claimed responsibility for yesterday’s activities, even posting proof that they had altered the affected DNS records:
Hi @Twitter, look at your domain, its owned by #SEA :) http://t.co/ZMfpo1t3oG pic.twitter.com/ck7brWtUhK
— SyrianElectronicArmy (@Official_SEA16) August 27, 2013
The SEA is a group supporting the Syrian government and president Bashar al-Assad. The SEA name has been attributed to hacks against the Associated Press, BBC, The Guardian and Sky News, among others. Given the loosely organised nature of the SEA, it is hard to gauge the actual size of the collective, and whether hacks were perpetrated by an organised group or individuals affiliating themselves with the SEA name and ideologies.
Usual SEA operations involve temporarily gaining control of social media accounts or websites to raise awareness of their existence, although they have often avoided making direct statements about their motivation.
For example, when they gained control of the AP Twitter account, the SEA posted a false message claiming President Obama had been critically injured, while in the case of Sky News they were associated with a cryptic tweet that simply read “Colin was here”. You can read more about their history here.
More often than not, it has been popular Western media outlets affected by SEA operations. One of the SEA’s Tweets yesterday proclaimed ‘the media is going down’:
Media is going down.... | http://t.co/Gd1zB70v0g | http://t.co/8NUe7Cs2jm | http://t.co/QDdNdEuuVX | http://t.co/W9nmxo95PQ
— SyrianElectronicArmy (@Official_SEA16) August 27, 2013
With the Syrian conflict increasingly making headlines, and many countries pledging intervention - military or otherwise - it’s likely the SEA will also amp up operations to continue stating their support for al-Assad. The New York Times and Twitter are two of the highest-profile victims yet of SEA hacks, but they’re unlikely to be the last major websites affected.
(Image: Wikimedia Commons)
