New York Times website hacked
Early evidence suggests site was hit by Syrian Electronic Army
Computerworld - Less than two weeks after suffering a prolonged website outage, the New York Times was knocked offline again on Tuesday -- apparently as the result of a malicious hacking attack.
The paper's main webpage was intermittently unavailable for several hours Tuesday afternoon and remained that way as of 5:30 p.m. ET.
In an initial Twitter post, the Times blamed the outage on "technical problems." But later, the newspaper's director of corporate communication indicated that the site might have been knocked offline in a hacker attack. "re: http://nytimes.com - initial assessment - issue is most likely result of malicious external attack. working to fix," Murphy said in a tweet.
In another tweet, the Times said it would continue to publish stories as it worked to resolve the issue. The message contained a link to a story on Syria with an IP address registered with the company that bypassed its DNS.
Initial evidence suggested that the attack might have been the work of the Syrian Electronic Army, according to a security researcher quoted by the Washington Post.
This marks the second time this month that the paper's main website has crashed. On Aug.14, the site was knocked offline for more than two hours and then struggled with sluggish performance for two more hours as the result of what the paper described as a technical glitch.
That outage, which also took down the Times' mobile application, occurred seconds after a scheduled site maintenance update, the company said at that time. The incident caused some speculation about whether the site had been hacked or had really gone down because of a technical issue as the paper claimed.
In January, the Times disclosed that attackers belonging to a Chinese hacking group had gained access to its networks and systems and remained undetected for four months. The intrusion happened in September 2012, when the paper was doing a story on China's Prime Minister Wen Jiabao, the paper noted.
Security experts speculated at that the hackers might have gained an initial foothold on the company's website via a targeted, specially crafted phishing email.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is email@example.com.
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Transforming Information Security: Future-Proofing Processes This report provides a valuable set of recommendations from 19 of the world'd leading security officers to help organizations build security strategies for...
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- Establish Cyber Resiliency: Developing a Continuous Response Architecture Many enterprises fail to proactively prepare the battlefield for a data breach by only leveraging outdated techniques that focus on the perimeter or...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Cybercrime and Hacking White Papers | Webcasts