Hack attacks, explained

August 30, 2013 by Christina Pazzanese
After the Syrian Electronic Army disrupted The New York Times’ website for nearly a day, Harvard’s Jonathan L. Zittrain discussed how institutions will have to react in order to protect themselves. Credit: Stephanie Mitchell/Harvard Staff Photographer

Computer network hackers calling themselves the Syrian Electronic Army earlier this week disrupted The New York Times' website for nearly a day and electronic publishing on the Twitter social network for several hours. Also targeted were the Huffington Post and other media outlets.

These attacks, which involved hijacking the companies' domain names by altering their numeric addresses, which in turn prevented visitors from seeing the websites, are just the most recent in a series of strikes on news organizations, including The Washington Post, The Associated Press, and the Financial Times, in the past few months.

To better understand the attacks, Gazette staff writer Christina Pazzanese asked Harvard's Jonathan L. Zittrain to comment by email on what happened and how institutions will have to react in order to protect themselves from future disruptions. Zittrain is a professor of law at Harvard Law School and the Harvard Kennedy School, and a professor of at the School of Engineering and Applied Sciences. He is also co-founder of Harvard's Berkman Center for Internet & Society.

GAZETTE: Who is the Syrian Electronic Army?

ZITTRAIN: It appears to be a confederation of computer hackers who support the Syrian government. How much the Syrian state actively supports it is not known, which is a common problem in trying to understand groups of this sort.

GAZETTE: It doesn't sound especially difficult to initiate a Domain Name System (DNS) attack. What's involved?

ZITTRAIN: A distributed-denial-of-service attack is common, in part because it's easy to hijack many of the less-than-secure PCs connected to the Internet and use them to help overwhelm a website. There are even marketplaces in buying access to such PCs, so aggressors need not themselves be hackers. Websites like The New York Times tend to be well "bunkerized" against such attacks.

But there can be other forms of disrupting access, such as reconfiguring a site's domain name so that it points elsewhere—that's what happened here. That could be catastrophic for a bank whose customers are used to logging in at a given name, unaware that the name is now taking them to a new site, and it can also make a real statement for those who try to visit a news site that has been diverted. It's not supposed to be that easy to do. I imagine someone either hacked the password for the NYT's account with its domain name registrar, compromised the registrar's systems overall, or managed to "sweet talk" the registrar into doing a password recovery.

GAZETTE: If it is fairly simple to do, does that make it potentially more of a threat to a greater variety of institutions than a server breach?

ZITTRAIN: Both are threats. Rerouting DNS could also entail rerouting all of the company's incoming email if it's attached to the same domain. That could be terrible!

GAZETTE: Are these website disruptions happening more frequently now, and, if so, why?

ZITTRAIN: Yes, disruptions are happening more frequently, perhaps because they're seen as having more impact. As more people use the Internet, more people will be affected by a blockage.

GAZETTE: What can organizations do to protect themselves from this kind of attack?

ZITTRAIN: StopBadware.org is an example of a nonprofit that began at the Berkman Center that's now standalone. It provides webmasters with advice on keeping their sites safe.

GAZETTE: What kinds of systemic changes need to happen to prevent vandals from disrupting global businesses?

ZITTRAIN: Over the longer term, the ideal will be to come up with security strategies that don't entail every site huddling under the umbrella of a couple massive Web-hosting providers. One set of thoughts on this topic is here.

GAZETTE: What are the free-speech implications of attacks targeting media outlets like The New York Times, The Washington Post, and the Financial Times?

ZITTRAIN: There's actually a divide in the broader hacker community about denial-of-service attacks. Some see it possible to do "properly" as a form of digital sit-in. Others think it's a bad idea, full stop: that information should flow freely, regardless of source.
