Washington Post, CNN and Time websites hit by pro-Assad hackers
- 16 August 2013
- From the section Technology
Websites belonging to the Washington Post, CNN, and Time magazine have been attacked by supporters of Syrian President Bashar al-Assad.
Some links on the sites redirected readers to the website of the Syrian Electronic Army (SEA).
The breach was the result of a security failure at a firm which provides a link recommendation service that all three sites used.
Outbrain said its staff had fallen victim to a spoof email.
The SEA has hit several media companies in recent months, most frequently by hijacking their social media accounts.
But in this attack the group managed to go one step further by manipulating the links that appeared on the media groups' own webpages.
Shortly after the attack became apparent the New York-based firm powering those links blogged: "We are aware that Outbrain was hacked earlier today and we took down service as soon as it was apparent."
Outbrain resumed its service about seven hours later.
CNN told the BBC: "The security of a vendor plug-in that appeared on CNNi.com was briefly compromised today.
"The issue was quickly identified and plug-in disabled. Neither CNN.com nor CNNi.com were penetrated directly."
The Washington Post's managing editor Emilio Garcia-Ruiz later said that this was not thought to be the SEA's only attack on his newspaper this week.
"A few days ago, the Syrian Electronic Army, allegedly, subjected Post newsroom employees to a sophisticated phishing attack to gain password information," he wrote.
"The attack resulted in one staff writer's personal Twitter account being used to send out a Syrian Electronic Army message.
"For 30 minutes this morning, some articles on our web site were redirected to the Syrian Electronic Army's site. The Syrian Electronic Army, in a tweet, claimed they gained access to elements of our site by hacking one of our business partners, Outbrain.
"We have taken defensive measures and removed the offending module. At this time, we believe there are no other issues affecting The Post site."
Time spokesman Daniel Kile said that while the Outbrain-powered module on Time's pages had been manipulated, the website itself had not been directly affected.
"At this time it does not appear that Time has been hacked," he told the BBC, "but we are looking into it further."
Outbrain revealed it had become vulnerable after the hackers had sent a phishing email to its staff which purported to be from the company's chief executive.
The firm said the message led to a page asking the employees to type in their credentials in order to see information. Once they had done so the SEA was able to infiltrate its systems and identify other passwords.
Outbrain said it had become aware of the breach 11 minutes after the hackers had changed one of the settings on software controlling the links which appeared on CNN's pages.
It said it had then taken its team a further half an hour to finish turning off the recommendation link service to all the sites it supported. The company has promised to reveal more details at a later point.
One security expert described the hack as "dangerous".
"This is the kind of technique that hackers use to distribute malware," said Chester Wisniewski, senior security advisor at Sophos.
"In this case it may only be sending you to the Syrian Electronic Army's website but it could also be used to install viruses or copy cookies to try and later impersonate a visitor."
Earlier this week, the SEA also hit the Facebook and Twitter accounts of the New York Post.
On Wednesday the New York Times website went offline but it indicated this was not a hack but rather an "internal issue".
A spokeswoman said: "The outage occurred within seconds of a scheduled maintenance update, which we believe was the cause."
One industry consultant said the media was facing a growing problem.
"It is a reminder that while digital news organisations have lower distribution costs, those of technology and security are greater," said Douglas McCabe from Enders Analysis.
"The technology sophistication required to protect sites is continuously growing. The commercial and editorial implications of down periods during major news events are clearly far-reaching."
Follow Dave Lee on Twitter @DaveLeeBBC