Hack attacks, explained

Aug 30, 2013 by Christina Pazzanese
After the Syrian Electronic Army disrupted The New York Times’ website for nearly a day, Harvard’s Jonathan L. Zittrain discussed how institutions will have to react in order to protect themselves. Credit: Stephanie Mitchell/Harvard Staff Photographer

Computer network hackers calling themselves the Syrian Electronic Army earlier this week disrupted The New York Times' website for nearly a day and electronic publishing on the Twitter social network for several hours. Also targeted were the Huffington Post and other media outlets.

These attacks, which involved hijacking the companies' domain names by altering their numeric addresses, which in turn prevented visitors from seeing the websites, are just the most recent in a series of strikes on news organizations, including The Washington Post, The Associated Press, and the Financial Times, in the past few months.

To better understand the attacks, Gazette staff writer Christina Pazzanese asked Harvard's Jonathan L. Zittrain to comment by email on what happened and how institutions will have to react in order to protect themselves from future disruptions. Zittrain is a professor of law at Harvard Law School and the Harvard Kennedy School, and a professor of at the School of Engineering and Applied Sciences. He is also co-founder of Harvard's Berkman Center for Internet & Society.

GAZETTE: Who is the Syrian Electronic Army?

ZITTRAIN: It appears to be a confederation of computer hackers who support the Syrian government. How much the Syrian state actively supports it is not known, which is a common problem in trying to understand groups of this sort.

GAZETTE: It doesn't sound especially difficult to initiate a Domain Name System (DNS) attack. What's involved?

ZITTRAIN: A distributed-denial-of-service attack is common, in part because it's easy to hijack many of the less-than-secure PCs connected to the Internet and use them to help overwhelm a website. There are even marketplaces in buying access to such PCs, so aggressors need not themselves be hackers. Websites like The New York Times tend to be well "bunkerized" against such attacks.

But there can be other forms of disrupting access, such as reconfiguring a site's domain name so that it points elsewhere—that's what happened here. That could be catastrophic for a bank whose customers are used to logging in at a given name, unaware that the name is now taking them to a new site, and it can also make a real statement for those who try to visit a news site that has been diverted. It's not supposed to be that easy to do. I imagine someone either hacked the password for the NYT's account with its domain name registrar, compromised the registrar's systems overall, or managed to "sweet talk" the registrar into doing a password recovery.

GAZETTE: If it is fairly simple to do, does that make it potentially more of a threat to a greater variety of institutions than a server breach?

ZITTRAIN: Both are threats. Rerouting DNS could also entail rerouting all of the company's incoming email if it's attached to the same domain. That could be terrible!

GAZETTE: Are these website disruptions happening more frequently now, and, if so, why?

ZITTRAIN: Yes, disruptions are happening more frequently, perhaps because they're seen as having more impact. As more people use the Internet, more people will be affected by a blockage.

GAZETTE: What can organizations do to protect themselves from this kind of attack?

ZITTRAIN: StopBadware.org is an example of a nonprofit that began at the Berkman Center that's now standalone. It provides webmasters with advice on keeping their sites safe.

GAZETTE: What kinds of systemic changes need to happen to prevent vandals from disrupting global businesses?

ZITTRAIN: Over the longer term, the ideal will be to come up with security strategies that don't entail every site huddling under the umbrella of a couple massive Web-hosting providers. One set of thoughts on this topic is here.

GAZETTE: What are the free-speech implications of attacks targeting media outlets like The New York Times, The Washington Post, and the Financial Times?

ZITTRAIN: There's actually a divide in the broader hacker community about denial-of-service attacks. Some see it possible to do "properly" as a form of digital sit-in. Others think it's a bad idea, full stop: that information should flow freely, regardless of source.
