The Syrian Electronic Army's hacking of The New York Times website wasn't your standard spear-phishing scheme or brute-force attack to steal passwords, meaning that best practices like creating strong passwords and avoiding links in fishy emails won't do much to protect against similar attacks in the future. Rather, the SEA hacked the Times's Domain Name Server, which is owned by an Australian company called MelbourneIT. MelbourneIT hosts the domain of The New York Times website, among others. The SEA has also since hacked MelbourneIT's blog website, posting the following message:
The site takeover aims to prove a point about MelbourneIT's security. The hacks of MelbourneIT's domain systems are what took an entire news organization offline for hours, and they are what large sites need to worry about.
Over at Quartz, Christopher Mims outlines the services MelbourneIT provides to The Times and other sites:
"Melbourne IT is the company that the New York Times pays to be the steward of the numerical roadmap that tells every computer on the internet—including the one on which you’re reading this—how to find the servers that host the website of the New York Times. These servers are identified by an IP address, a unique set of numbers. You can use IP addresses directly if you know them; typing http://188.8.131.52 into your browser should get you to a relatively intact version of the New York Times’ site."
So the Times pays MelbourneIT — also known as a registrar — for its New York Times name. "When you type nytimes.com into your browser, your computer looks up the corresponding IP address with one of those servers, and sends you to it," adds Mims. (Meaning that, once you type in "nytimes.com", your computer has to go through the MelbourneIT registrar to send back the right page to you.) Somehow, the SEA hacked into MelbourneIT, took ownership of the Times's DNS and then diverted all of the paper's readers' requests elsewhere, which made the "nytimes.com" address useless. This, of course, is a bit of an oversimplification: for those who want more, CloudFlare, another DNS provider, has a detailed explanation.
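
A site owner can watch for the kind of change described above, where a domain's DNS records are altered at the registrar and lookups are sent elsewhere, by comparing the records currently being served with a pinned baseline. The Python below is an added example, not part of the original article; the domain, nameserver names and addresses are constructed placeholders, and the input is assumed to be in the zone-file layout that `dig +noall +answer` prints.

```python
import ipaddress

# Baseline pinned by the defender (constructed values, documentation ranges).
BASELINE = {
    "ns": {"ns1.dns-host.example.", "ns2.dns-host.example."},
    "nets": [ipaddress.ip_network("192.0.2.0/24")],
}

# Constructed answers: the delegation before and after a registrar-level change.
BEFORE = """\
news.example.  172800 IN NS ns1.dns-host.example.
news.example.  172800 IN NS ns2.dns-host.example.
news.example.  300    IN A  192.0.2.10
"""
AFTER = """\
news.example.  172800 IN NS ns1.unknown-host.example.
news.example.  172800 IN NS ns2.unknown-host.example.
news.example.  300    IN A  203.0.113.66
"""

def parse_answers(text):
    """Return (set of NS names, list of A addresses) from zone-format lines."""
    ns, addrs = set(), []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[2].upper() != "IN":
            continue  # skip blank or malformed lines
        rtype, rdata = fields[3].upper(), fields[4]
        if rtype == "NS":
            # DNS names are case-insensitive: lower-case, one trailing dot.
            ns.add(rdata.lower().rstrip(".") + ".")
        elif rtype == "A":
            addrs.append(ipaddress.ip_address(rdata))
    return ns, addrs

def check_delegation(text, baseline=BASELINE):
    """Compare observed records with the baseline; return a list of findings."""
    ns, addrs = parse_answers(text)
    findings = [f"unexpected nameserver: {n}" for n in sorted(ns - baseline["ns"])]
    findings += [f"expected nameserver missing: {n}"
                 for n in sorted(baseline["ns"] - ns)]
    for addr in addrs:
        if not any(addr in net for net in baseline["nets"]):
            findings.append(f"address outside known networks: {addr}")
    if not ns:
        findings.append("no NS records observed")
    return findings
```

Run on a schedule from more than one vantage point, an empty list from `check_delegation` means the delegation still matches the baseline; any finding is a reason to check the registrar account.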