PCMag.com reports that visitors to the New York Times were redirected to a page stating "Hacked by Syrian Electronic Army" for several hours, while the WHOIS listings for the New York Times, Twitter, and the Huffington Post UK were changed to list the Syrian Electronic Army as contacts.
In response, the New York Times tweeted, "The New York Times Web site is experiencing technical difficulties. We are working on fully restoring the site," followed three minutes later by the pointed statement, "We will continue to publish the news. Here is our latest report on Syria: nyti.ms/12ICzNQ"
According to Matthew Keys, domain registrar Melbourne IT confirmed that user credentials were stolen via a phishing attack, which enabled the hackers to modify the DNS records for Twitter, the New York Times and the Huffington Post UK.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
In a statement on the attack, CloudLock enterprise solutions architect Kevin O'Brien said, "If anything, this is another example of why companies need to implement properly layered defense strategies. The issue with the DNS compromise was that a single point of failure -- the domain record company hacked, in this case -- resulted in 'real-world' damages. Any time a single point of failure exists, one should assume that it will be the target of concerted effort on the behalf of criminals who wish to exploit, destroy, or compromise an organization."