USA TODAY International Edition

‘ New York Times’ outage shows Web weakness

Vulnerable domain name systems attacked.

The New York Times’ website was back in business Wednesday, a day after it was hacked by what appears to be the Syrian Electronic Army.

“The situation is close to being fully resolved,” said Times spokeswoma­n Eileen Murphy, in a statement. “Our traffic levels are almost back to normal, but there may be instances of some ISPs ( Internet service providers) having not yet restored the proper DNS records.”

The SEA, a group of hackers who support Syrian President Bashar Assad, claimed responsibi­lity online and said it also hacked Twitter’s sites. The hackers seem to have gained access to the sites through Melbourne IT, an Australian company that specialize­s in website domain name registrati­on.

The Times’ website first crashed at about 3 p. m. ET Tuesday and was still down early Wednesday. It was pretty much back in action by midmorning.

Domain name systems, or DNS, index and match domain names — like NYTimes. com — to their numerical Internet addresses, which can be read by computers and servers. It is the second failure of the

Times’ site in two weeks. It went dark on Aug. 14 due to what the publicatio­n said then was an internal problem, not the result of hacking.

Marc Frons, chief informatio­n officer for The New York Times Co., didn’t directly blame the Syrian Electronic Army. But he told New York

Times staffers in a memo Tuesday that the problem appeared to be the work of the SEA or “someone trying very hard to be them,” according to a report by The New York Times.

Twitter and The Huffington Post also said that their websites had been affected by DNS attacks. For Twitter, the Tuesday attack on its website used for images resulted in users having trouble viewing photos. The

Huffington Post said Wednesday morning it had experience­d “mini- mal disruption,” adding everything had come back to normal.

Corporate websites’ domain name systems remain particular­ly vulnerable to hacker attacks, said Gunter Ollmann, chief technology officer of Internet security firm IOActive. “It’s a very complex equation,” he said. “There are soft points.”

Melbourne IT blamed one of its distributo­rs for the security breach, saying the hackers gained access to its account. A targeted phishing attack — in which hackers seek to gain personal informatio­n, such as the user name and password, with enticing e- mails — was used to obtain the credential­s of the users of the distributo­r’s account, the company said.

The informatio­n was then used to manipulate the DNS records of several domain names on that distributo­r’s account — including NYTimes. com — and direct readers to another site.

Melbourne IT said it restored the affected DNS records back to their previous settings and took measures to prevent further intrusions.

Such attacks underscore the vulnerabil­ity of media sites that are becoming increasing­ly complex as they integrate more software and content from vendors, including “widget” developers and advertisin­g networks.

Media sites need to be particular­ly vigilant in monitoring attacks as they are attractive to hackers with an agenda, Ollmann said. “If the website of GE or The New York Times went down, which is going to generate more attention?”

“Registrars really need to run a tighter ship,” said Paul Ferguson, vice president of threat intelligen­ce at Internet security company IID. “This seems to continuall­y happen, and each time it further erodes trust in the entire system.”