Hackers promoting the Syrian Electronic Army simultaneously targeted websites belonging to CNN, Time and the Washington Post on Thursday by breaching Outbrain, a firm which publishes content recommendations on those sites.

That resulted in some WashingtonPost.com and Time.com customers being redirected to the website of the Syrian Electronic Army when they clicked on the content from Outbrain, said Outbrain Vice President Lisa LaCour. The CNN International site briefly displayed a headline that said "Hacked by SEA," she said.

The Syrian Electronic Army is an online group that supports Syrian President Bashar al-Assad and has been linked to several high profile attacks. They include one on the Associated Press' Twitter feed in which a bogus message was sent out about explosions at the White House.

The latest attacks were significant because the hackers simultaneously targeted several sites by breaching a single supplier whose content is published on multiple platforms.

In previous campaigns linked to the Syrian Electronic Army, hackers have breached networks using similar tactics. But in those cases emails were sent to employees of a single specific media outlet they were targeting, which made preparations for the attacks more labor intensive.

Outbrain, which posts content on a large number of prominent news sites, took down its entire network at about 11 a.m. EDT (1500 GMT) on Thursday, before the hackers could do any more damage, LaCour said.

The company's technicians, who are based in Israel, cleaned up the network and planned to restore service late on Thursday, she said.

Outbrain said the hackers got in after sending a phishing email to all company employees on Wednesday that purported to be from the CEO. An employee provided login credentials in response to that email and then the hackers were able to get other credentials for accessing internal systems, the company said.

Chris Wysopal, chief technology officer for software security firm Veracode, said he believes that hackers will increasingly choose to go after third-party providers because their security is likely to be more lax than that of their customers.

"As the Internet becomes more interconnected, this risk is going to increase," he said.

Time and CNN, both owned by Time Warner, and the Washington Post all said they believed that their sites had not been impacted by anything besides the attack on Outbrain.