Times Web Site Affected by External Hacking Attack
The New York Times Web site was unavailable to readers Tuesday afternoon after an online attack on the company’s domain name registrar, Melbourne IT. The attack also forced employees of The Times to stop sending out sensitive e-mails.
周二下午，读者无法登陆《纽约时报》网站，原因是《纽约时报》公司(The New York Times Company)的域名注册商(Melbourne IT)此前遭遇了一次网络攻击。此次攻击还迫使公司的员工停止向外发送含有敏感内容的邮件。
Marc Frons, chief information officer for The New York Times Company, issued a statement at 4:20 p.m. warning employees that the disruption — which appeared to still be affecting the Web site well into the evening — was “the result of a malicious external attack.” He advised employees to “be careful when sending e-mail communications until this situation is resolved.”
In an interview, Mr. Frons said the attack was carried out by a group known as “the Syrian Electronic Army or someone trying very hard to be them.” The Web site first went down after 3 p.m.; after service was restored, the hackers quickly disrupted the site again. Shortly after 6 p.m., Mr. Frons said that “we believe that we are on the road to fixing the problem.”
在一次采访中，弗朗斯说，实施此次攻击的组织可能是“名为‘叙利亚电子军’(Syrian Electronic Army)的组织，要不就是某些竭力伪装成该组织的黑客。”《纽约时报》网站于下午3点首次瘫痪；服务恢复之后，黑客们很快再次中断了网站运转。下午6点后不久，弗朗斯说，“我相信，我们已经找到了修复问题的方法。”
Several people on Twitter also said they believed the attack was the work of the Syrian Electronic Army, a group of hackers who support President Bashar al-Assad of Syria. Matt Johansen, head of the Threat Research Center at White Hat Security, posted on Twitter that he was directed to a Syrian Web domain when he tried to access The Times’s Web site.
Twitter上的几名人士也说，他们认为，此次攻击是支持叙利亚总统巴沙尔·阿萨德(Bashar al-Assad )的叙利亚电子军干的。白帽安全公司(White Hat Security)威胁研究中心(Threat Research Center)主任马特·约翰森(Matt Johansen)在Twitter上发帖说，试图访问《纽约时报》网站的时候，他被导入了一个叙利亚域名网站。
The S.E.A. first emerged in May 2011, during the first Syrian uprisings, when they started attacking a wide array of media outlets and nonprofits and spamming popular Facebook pages like President Obama’s and Oprah Winfrey’s with pro-Assad comments. Their goal, they said, was to offer a pro-government counternarrative to media coverage of Syria.
The group has consistently denied ties to the government of Mr. Assad and has said it does not target Syrian dissidents, but security researchers and Syrian rebels are not convinced. They say the group is the outward-facing campaign of a much quieter surveillance campaign targeting Syrian dissidents and are quick to point out that Mr. Assad once referred to the S.E.A. as “a real army in a virtual reality.”
Until now, The Times has been spared from being hacked by the S.E.A., which has successfully disrupted the Web operations of news organizations like The Financial Times. On Aug. 15, the group attacked The Washington Post’s Web site through a third-party service provided by a company called Outbrain. At the time, the S.E.A. also tried to hack CNN. Some information security experts said the group also appeared to be ready to attack The New York Times Web site that day. (Just a day earlier, on Aug. 14, The Times’s Web site was down for several hours. The Times cited technical problems and said there was no indication the site was hacked.)
此前，《纽约时报》从未遭受叙利亚电子军的攻击。该组织曾成功地中断了英国《金融时报》(The Financial Times)等新闻机构的网络运行。8月15日，该组织通过一个名为Outbrain的公司提供的第三方服务攻击了《华盛顿邮报》(The Washington Post)的网站，还试图同时侵入CNN。一些信息安全专家表示，那一天，该组织似乎也准备好了要攻击《纽约时报》的网站。（此前一天，即8月14日，《纽约时报》的网站瘫痪了几个小时。《纽约时报》将此归结为一些技术问题，并且表示，没有迹象表明网站遭受了攻击。）
In a post on Twitter Tuesday afternoon, the S.E.A. also said it had hacked the administrative contact information for Twitter’s domain name registry records. According to the Whois.com lookup service, the Syrian Electronic Army was listed on the entries for Twitter’s administrative name, technical name and e-mail address.
Jim Prosser, a Twitter spokesman, said the social network was “looking into” the Syrian Electronic Army’s claim that it had taken control of a Twitter domain.
Mr. Frons said the attacks Tuesday on Twitter and The New York Times required significantly more skill than the string of S.E.A. attacks on media outlets earlier this year, when the group attacked Twitter accounts for dozens of outlets ranging from The Guardian to The Associated Press. Those attacks caused the stock market to plunge after the group planted false tales of explosions at the White House.
弗朗斯表示，相比于该组织今年早些时候对新闻媒体发起的一系列攻击，Twitter和《纽约时报》周二遭遇的攻击需要高得多的技巧。今年早些时候，该组织攻击了包括《卫报》(The Guardian)和美联社(The Associated Press)在内的几十家新闻媒体的Twitter账户。那些攻击引发了股市的暴跌，因为该机构发布假消息，称白宫发生了爆炸。
“In terms of the sophistication of the attack, this is a big deal,” said Mr. Frons. “It’s sort of like breaking into the local savings and loan versus breaking into Fort Knox. A domain registrar should have extremely tight security because they are holding the security to hundreds if not thousands of Web sites.”