Washington Post, New York Times, Twitter, WSJ: Hacked by Syrian Electronic ArmyPosted: August 27, 2013 | |
Updated, 3:15 p.m. ET: The Washington Post and CNN confirmed that they were affected by a Syrian Electronic Army hacking attack on a third-party content provider that they use.
Early Thursday, the Post published this editor’s note:
The Washington Post Web site was hacked today, with readers on certain stories being redirected to the site of the Syrian Electronic Army. The group is a hacker collective that supports Syrian President Bashar al-Assad.
A Twitter account that claims to belong to the SEA said it was able to hack the Post, as well as the sites of CNN and Time, by targeting Oubrain, a service that recommends content to readers. The Post’s technology blog said the hack ”succeeded because of a vulnerability in Outbrain.”
A spokeswoman for Outbrain confirmed the attack; earlier the company’s Twitter account said recommendations were down “due to an attack.” Outbrain suspended its services until it can secure them, the spokeswoman said. “We are working hard to prevent future attacks of this nature,” she said. Outbrain’s website was down for several hours, too.
A spokeswoman for Time said, “It does not appear that Time.com or our Twitter accounts have been hacked. However, we are looking into the matter.” A CNN spokesman said a content-recommendation service on its site “was briefly compromised” but neither CNN nor its international site were directly affected.
The hack comes a day after the New York Times website was down for several hours, though the Times said the outage was caused by an “internal issue” and there was no reason to suspect a cyberattack.
This is the latest in a string of attacks against media companies by the Syrian Electronic Army, which has targeted the Twitter feeds of Thomson Reuters, the Financial Times, the Associated Press, the Guardian, CBS and the Onion. (The Onion received accolades for publishing this deep-dive on its attack.) In the Financial Times case, its Tech Blog was also hacked. The Corporate Intelligence blog earlier this year put together a primer on the SEA.
News publishers and media companies earlier this year detailed their struggles to ward off hackers. The Wall Street Journal said its systems had been targeted by Chinese hackers, apparently in a bid to spy on coverage of China. The New York Times, Bloomberg and Thomson Reuters at the time had said they were targeted, too.
Source: Washington Post– By Brian R. Fitzgerald, William Launder and Keach Hagey