the internet

How the Syrian Electronic Army Keeps Hacking News Organizations

Not quite.

The chronic, relatively lo-fi hacking of the world’s various media outlets by the group calling itself the Syrian Electronic Army is made possible by the victims’ own gullible employees. Today, the Financial Times became the latest publication to have its website and Twitter spammed with messages like, “Do you want to know the reality of the Syrian ‘Rebels?’” joining the likes of CBS, The Onion, the Associated Press, the BBC, and many more. (In reporting on the epidemic, the New York Times itself admitted that its site “was subjected to denial of service attacks” this week, “which made it temporarily unavailable to a small number of users.”) But it’s not as high-tech as it sounds.

The tactic is called “spearphishing,” the Times reports, “in which attackers send e-mails that contain a link to a fake news article to employees at their target organization.” The loose-clicker is then taken to a site that looks legit, but is really used to collect user names and passwords:

The hackers then use that information to get inside employees’ inboxes, where they can send more e-mails to employees who have access to the organization’s social media accounts, then use that access to reset the organization’s password to their Twitter account.

In the attack on The A.P., a hacker who identifies himself as “Th3 Pr0” and a member of the Syrian Electronic Army said in an e-mail that the group convinced 50 A.P. employees to hand over their login credentials, including several of the organization’s social media editors.

Somewhere, a Nigerian prince is seeing an opening.

Financial Times, New York Times, AP All Targeted