Hackers use new tactic to attack U.S. media sites

Thu Aug 15, 2013 7:07pm EDT

(Reuters) - Hackers promoting the Syrian Electronic Army simultaneously targeted websites belonging to CNN, Time and the Washington Post on Thursday by breaching Outbrain, a firm which publishes content recommendations on those sites.

That resulted in some WashingtonPost.com and Time.com customers being redirected to the website of the Syrian Electronic Army when they clicked on the content from Outbrain, said Outbrain Vice President Lisa LaCour. The CNN International site briefly displayed a headline that said "Hacked by SEA," she said.

The Syrian Electronic Army is an online group that supports Syrian President Bashar al-Assad and has been linked to several high profile attacks. They include one on the Associated Press' Twitter feed in which a bogus message was sent out about explosions at the White House.

The latest attacks were significant because the hackers simultaneously targeted several sites by breaching a single supplier whose content is published on multiple platforms.

In previous campaigns linked to the Syrian Electronic Army, hackers have breached networks using similar tactics. But in those cases emails were sent to employees of a single specific media outlet they were targeting, which made preparations for the attacks more labor intensive.

Outbrain, which posts content on a large number of prominent news sites, took down its entire network at about 11 a.m. EDT on Thursday, before the hackers could do any more damage, LaCour said.

The company's technicians, who are based in Israel, cleaned up the network and planned to restore service late on Thursday, she said.

Outbrain said the hackers got in after sending a phishing email to all company employees on Wednesday that purported to be from the CEO. An employee provided login credentials in response to that email and then the hackers were able to get other credentials for accessing internal systems, the company said.

Chris Wysopal, chief technology officer for software security firm Veracode, said he believes that hackers will increasingly choose to go after third-party providers because their security is likely to be more lax than that of their customers.

"As the Internet becomes more interconnected, this risk is going to increase," he said.

Time and CNN, both owned by Time Warner, and the Washington Post all said they believed that their sites had not been impacted by anything besides the attack on Outbrain.

(Reporting by Jim Finkle in Boston and Jennifer Saba in New York; editing by Andrew Hay and Phil Berlowitz)

FILED UNDER:
We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Comments (4)
This is more like Russian mercernary hackers operating in Syria.

Aug 15, 2013 10:46pm EDT  --  Report as abuse
pinchejoto wrote:
Corporations and governments collect data that is then hacked by foreign military. Way to go guys! Nice way to spend all that tax money as well, instead of investing in better education, health care, and improved infrastructure(higher quality of life). Meanwhile, no one does anything except blame it on political parties, as if either one is making anything better.

Aug 15, 2013 11:24pm EDT  --  Report as abuse
CountryPride wrote:
Liars, this is just another lapdog media propaganda piece so that they can justify stealing from the US taxpayer to send billions of our money and weapons to Syrian rebel terrorists. This criminal warmonger administration knows no bounds when it comes to criminally interfering in other sovereign nations affairs and at the same time robbing the American people to do so!

Aug 15, 2013 11:58pm EDT  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.