The Evolution of Cyber Attacks I was watching a news program last night, and the discussion of the most recent attack on the New York Times came up. Hackers, believed to be the Syrian Electronic Army, disrupted service to the site on Tuesday, and as of Wednesday at noon, the site was slowly being revived. […]
The Evolution of Cyber Attacks
I was watching a news program last night, and the discussion of the most recent attack on the New York Times came up. Hackers, believed to be the Syrian Electronic Army, disrupted service to the site on Tuesday, and as of Wednesday at noon, the site was slowly being revived. Readers were being sent to an alternate temporary site.
The news anchor posed the question: Is this a cyber war? I think it is a legitimate question because of the current tensions and talks of potential attacks on Syria in response to the civil unrest in that country. But I think the answer is no, it is not a cyber war. I think it was the Syrian Electronic Army making a statement to the world that they don’t like U.S. policies. I also think that it is one in a growing number of incidents that shows just how vulnerable our networks are and how people who want to make a statement are exploiting those vulnerabilities.
In the New York Times hack, the Syrian Electronic Army used a third party to get into the newspaper’s network. According to PC Magazine:
a hack of Internet registrar MelbourneIT allowed the Syrian Electronic Army to compromise the newspaper’s website.
To understand the attack, it’s important to understand three key entities on the Internet: 1) registries; 2) registrars; and 3) recursive DNS providers. . . . You purchase and manage domains through organizations known as registrars. NYTimes.com is managed by a registrar known as MelbourneIT. MelbourneIT has traditionally been known as one of the more secure registrars.
As Aaron Titus, CPO/General Counsel at Identity Finder, told me in an email, any time you integrate third-party code into your site, it presents a new attack vector for hackers.
You must not only ensure your own code is secure, but you must also rely upon third parties’ security practices. Third party content integration is standard on almost every website. YouTube videos, Flash plugins, and Google Analytics are just three common examples of third party apps and code. If any one of them has a vulnerability, then your website may be affected.
The Syrian Electronic Army also hacked Twitter this week. It’s obvious that they are out to make a statement in support of their country’s leader. These attacks should also be reminders that networks are vulnerable in multiple ways, and even the most secure third party with access to your network can cause serious trouble.
Sue Poremba is freelance writer based on Central PA. She's been writing about cybersecurity and technology trends since 2008.
The go-to resource for IT professionals from all corners of the tech world looking for cutting edge technology solutions that solve their unique business challenges. We aim to help these professionals grow their knowledge base and authority in their field with the top news and trends in the technology space.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
