Terms of Use For FixedByVonnie

By proceeding to access fixedByVonnie.com, you expressly acknowledge, and agree to, all of the following:

fixedByVonnie.com is a personal website and blog owned by Security Plus Pro LLC, which is being presented for informational purposes only. The views on this website are solely those of the website owner (and not those of any employer or of any professional associations affiliated with the website owner).  Any views expressed in this website and any information presented on this website, or in any of its blog entries, should not be relied on for any purpose whatsoever other than as the personal opinions of the website owner.  The website owner expressly disclaims any and all liability for any information presented on this site.  The owner of this website and its blog posts shall not be held liable, and shall be held harmless, for any errors or omissions in any information or representations contained in this website, or in any of its blog entries.  The website owner also expressly disclaims any liability for the current or future availability of any such information. The website owner makes no representations as to the accuracy or completeness of any information on this website or which may be found by following any link on this website. The website owner shall not be held liable for any losses, injuries, damages, claims, or causes of action, from the display or use of any information on this website or in any of its blog entries. If you use the information on this website, or on any of its blog entries, you do so solely at your own risk.

How the Syrian Electronic Army took down the New York Times website - fixedByVonnie

How the Syrian Electronic Army took down the New York Times website

Syrian Electronic Army tweet to take down nytimes.com

nytimes.com is hosted by a domain registrar based in Melborne, Australia.  The Syrian Electronic Army disabled the New York Times by compromising a re-seller’s username and password and logging in with those credentials.

But despite how simple it sounds this wasn’t a quick hack; it was deliberate and methodical.

Once inside the Melbourne domain name registrar, the Syrian hacking group changed the DNS records of nytimes.com to it’s own address, m.sea.sy/mob.sea.sy, which essentially took the media giant offline around 3pm EST yesterday.

DNS records are basically responsible for translating pretty web addresses like fixedbyvonnie.com to their IP equivalents.  If someone where to change where the hostname resolves they could effectively hijack the webpage.

The Melborne engineers have since reverted the DNS records and changed the credentials of the hacked reseller account but the damage to the New York Time’s reputation is irreparable.nytimes.com hacked by SEA

Eileen Murphy, spokeswoman for the New York Times said in a statement:

The site is down for some. We are working to fix the problem. Our initial assessment is that this is most likely the result of a malicious external attack

The repercussions of the attack are still being felt for some people.   Even though the records are now correctly pointing to the right host, it still takes hours for the changes to propagate through the internet and millions of people around the globe still have cached copies of the bad records.  It could actually take up to 48 hours before everything returns to normal.

But do you know what the scary part is?   The Melborne IT system is actually home to other domains such as google.com, yahoo.com, microsoft.com and aol.com.  If the Syrian Army found other weaknesses who knows what bedlam would have ensued.

About

Connect with Vonnie on Twitter

Posted in News