USA TODAY International Edition
‘ N. Y. Times’ blames hackers in latest crash of site
Executive points finger at SEA group or copycat
The New York Times website was hacked Tuesday, the latest in a series of high- profile attacks on media websites. It is the second failure of the Times’ site in two weeks. It went dark on Aug. 14 due to what the publication said then was an internal problem, not the result of hacking.
The Times said Tuesday the website first crashed at about 3 p. m. ET following an online attack on the company’s domain name registrar, Melbourne IT.
Marc Frons, chief information officer for The New York Times Co., issued a statement that the outage was “the result of a malicious external attack” and advised employees to “be careful when sending e- mail communications until this situation is resolved,” according to a story that appeared on the newspaper’s website.
Frons also said the attack was carried out by the Syrian Electronic Army “or someone trying very hard to be them.” The SEA, a group of hackers who support Syrian President Bashar Assad, have organized and carried out online attacks on prominent websites in recent months.
Matt Johansen, head of the Threat Research Center at WhiteHat Security, tweeted Tuesday that he was sent to an SEA domain when he tried to go to the Times’ website.
Twitter said Tuesday its website also was affected by a similar attack, but it didn’t refer to SEA.
Later in the day, a Twitter account that seemingly belongs to SEA showed an image that indicates SEA also attacked Twitter’s domain.
The Times said its site was restored shortly after the initial crash, but the hackers quickly disrupted it again. Trying to call up the website rendered varying experiences for readers in different places.
For many, the site was completely down. Others reported that typing the website’s Internet protocol address — a numbered address — load- ed a stripped- down version of the site, with links to stories that didn’t work. Some found that the IP address led to a version that was similar but not identical to the main site, again with links that didn’t work.
Gunter Ollmann, chief technology officer of Internet security firm IOActive, said the site was functional at his office in Atlanta. “The fact that I can see the site but you can’t could mean” it could be a regionally limited attack, he said.
Ollmann added that the regionally varying results could also stem from the Times restoring servers located in different locations.
The Times turned to Twitter to tweet news updates.