It’s beginning to read like a hit list – the Syrian Electronic Army (SEA) hacked The New York Times (NYT) and Twitter Inc. yesterday, adding the two high-profile sites to its list of targets. In the past, it has attacked The Atlantic, The Financial Times, BBC News, and Al Jazeera, all in the name of making a bold political statement.
This time, Australian company Melbourne IT came forward to explain how the hacking of the NYT and Twitter happened, writes Jon Russell of The Next Web. Melbourne IT, which handles hosting for both Twitter and the NYT, explained the SEA entered its IT system by using a reseller’s name and password, grabbing the login details through phishing after a long-term, focused effort.
After entering the system, it changed the DNS records of several domain names, including the NYT. By changing the DNS, it was able to reroute user traffic to its own address, showing a “no data received” screen to any users trying to enter the NYT site.
Melbourne IT says it changed the hacked reseller’s username and password as soon as it got wind of what was happening, but it can take about a day before the situation can be fixed, Russell writes.
For Twitter, things were a little different – the site didn’t go down, but after one of its DNS records was changed, users had some trouble viewing images and photos. Still, it’ll take some time before things go back to normal, so for now, you may see some users’ avatars missing.
In these cases, as the SEA put forward a serious effort to get ahold of user logins and passwords on Melbourne IT, it may be difficult to think of a way to have prevented this from happening. Still, small to mid-sized businesses can still glean a takeaway or two – practice good password hygiene, because hackers will still target smaller sites in an attempt to steal valuable information.
Read more at The Next Web here.