Service appears to have been fully restored to the website of The New York Times, after a hacker attack knocked out nytimes.com for several hours on Tuesday. The attackers have been acknowledged by The Times to be the Syrian Electronic Army, a roguish collective sympathetic to the regime of Bashar al-Assad.
The disruption was first reported at around 3 p.m. Eastern Standard Time; though some were able to access the site intermittently throughout the afternoon, the outage was widely reported. Some who landed on the Times homepage saw the following image:
This was the second website outage for The Times in August. The last outage took place on August 14 and lasted for several hours. The newspaper chalked that up to "a failure during regular maintenance." This time, however, hackers were suspected from the sart, with Eileen Murphy, The New York Times's vice president for corporate communications, telling The Atlantic Wire at around 4:30 p.m. that "our initial assessment is that this is most likely the result of a malicious external attack." The Syrian Electronic Army became a suspect shortly thereafter.
The Syrian Electronic Army is "a collective of pro-Assad hackers and online activists...targeting dissidents within Syria as well as sympathizers without," according to an Atlantic report from 2011. It has recently attacked the sites of The Washington Post, the Financial Times and even The Onion.
In its own report on the attack, a Times article provides the following chronology:
Marc Frons, chief information officer for The New York Times Company, issued a statement at 4:20 p.m. on Tuesday warning employees that the disruption — which appeared to be affecting the Web site well into the evening — was “the result of a malicious external attack.” He advised employees to “be careful when sending e-mail communications until this situation is resolved.”
In an interview, Mr. Frons said the attack was carried out by a group known as “the Syrian Electronic Army or someone trying very hard to be them.” The Web site first went down after 3 p.m.; once service was restored, the hackers quickly disrupted the site again. Shortly after 6 p.m., Mr. Frons said that “we believe that we are on the road to fixing the problem.”
The site remained down for much of the evening, but could be accessed through news.nytco.com, where the following message has been posted:
The attack was a "hijacking" of the Domain Name System, explains The Washington Post in its thorough breakdown of what defenses the Syrian Electronic Army did — and didn't — manage to breach.
As the attack persisted, The Times posted the following message on its Facebook page:
While the website of The Times was inaccessible, The Wall Street Journal seized the opportunity by taking down its own paywall. Promotion of this move on Twitter, however, was perceived by some as crass:
At the same time, Twitter itself was under assault from the Syrian Electronic Army, though this attack did ultimately impact a substantial number of Twitter users. As The Verge reports:
Multiple users on Twitter reported their backgrounds being changed to Syrian themed images, and DNS records first found by security reporter Brian Krebs confirm that twimg.com [which hosts Twitter's servers] was briefly redirecting to an SEA-affiliated site. The account also claimed to have brought down Twitter.co.uk, although the site still appears to be functional.
An official Twitter statement confirmed the hack, saying that the company's DNS provider had been compromised, and the image server had been "sporadically impacted" beginning at 4:49pm. Just before 6:30, the company regained control of the server. According to the statement, no user information was compromised.
The "malicious" attack certainly had the intended effect of frustrating both Times readers and journalists. However, it is not likely to garner much sympathy for the murderous Assad regime.
This article is from the archive of our partner The Wire.