* Headlines sabotaged, link posted to execution video
* Latest in series of hacker attacks on news media
By Jim Finkle and Jennifer Saba
May 17 The Financial Times' website and Twitter
feeds were hacked on Friday, renewing questions about whether
the popular social media service has done enough to tighten
security as cyber-attacks on the news media intensify.
The Syrian Electronic Army, an online group that supports
Syrian President Bashar al-Assad, was behind the incident which
followed a phishing attack on the company's email accounts, FT
reported on its website.
The attack is the latest in which hackers commandeered the
Twitter account of a prominent news organization to push their
agenda. Twitter's 200 million users worldwide send out more than
400 million tweets a day, making it a potent distributor of
"Twitter has become a big enough media outlet that they
should provide better security for high-value accounts like the
Associated Press, the FT and others," said Mikko Hypponen, chief
research officer with security software maker F-Secure.
Several attempts to reach Twitter for comment were
unsuccessful. The company's media relations team made no mention
of the attack on its own Twitter feed.
Last month, the Syrian Electronic Army took control of the
Associated Press' official Twitter feed and sent out a bogus
message that two explosions at the While House injured President
Obama. The false tweet triggered a brief but steep sell-off in
the U.S. financial markets.
That followed a spate of attacks in the past year by the
group on Twitter accounts of other media organizations,
including the BBC, National Public Radio, CBS, Reuters News and
the satirical news website The Onion.
Over the past few years security experts have become
increasingly vocal in calling for Twitter to introduce an
additional safety measure, a two-step process to log in, that
would help reduce breaches.
This type of authentication has long been used by
governments and big corporations and in recent years some
consumer Internet companies like Facebook Inc, Google Inc
and Microsoft Corp have embraced it.
"You can get two-factor authentication for World of
Warcraft, but you can't get it for Twitter. Go figure," Hypponen
said, referring to the popular video game.
In Friday's hacking of the FT, the Syrian Electronic Army -
which regularly targets media organizations it sees as
sympathetic to Syria's rebels - posted links on the newspaper's
Twitter feed to YouTube.
The video purports to show members of the al Qaeda-linked
Nusra Front Syrian rebel group executing blindfolded and
kneeling members of the Syrian army.
The video could not be independently verified.
"Today various FT Twitter accounts and one FT blog (not more
as previously stated) were compromised by hackers. We have now
secured those accounts are working to resolve the issue as
quickly as possible," the FT, owned by Pearson Plc,
said in an updated statement.
Stories on the FT's website had their headlines replaced by
"Hacked By Syrian Electronic Army" and messages on its Twitter
feed read: "Do you want to know the reality of the Syrian
'Rebels?'" followed by a link to the video.
The FT's feeds dedicated to technology and commodities were
among those affected.
Also on Friday, the Kyodo news agency reported that Yahoo
Japan suspects up to 22 million of its 200 million user IDs may
have been leaked. Kyodo said Yahoo Japan also detected an
unauthorized attempt to access the administrative systems of its