Thursday, August 29, 2013

DNS redirection most recent hacking technique, at least by rogue states or regimes (New York Times and Twitter)

Is the most recent “hack” of the New York Times and Twitter an indication of a change in strategy by hackers? Is this a risk to home users or small business or even newbie bloggers? Timothy B. Lee and Hayley Tsukayama have the story here.

This time, it appears that the “Syrian Electronic Army” got access to the record keeping at an Australian company, Melbourne IT, which apparently the NYTimes and Twitter and others use.  “Ordinary” people are more likely to use one of the numerous domestic companies.  In fact, most large ISP hosting companies also offer domain name registry.  It used to be that the most important player in the US was Network Solutions, still a big player in the Loudoun County, VA technology corridor.
It seems bizarre that an autocratic regime would use such crude attacks against major news media.  This possibility wasn’t viable twenty years ago for Saddam Hussein.  Attacks against news media seem to have no effect on government policy, such as possible military intervention.

A practical risk for users would be a financial institution's DNS being hacked and pointed to fake servers. That is forestalled in part by HTTPS, but also by the use of secret images at sign-on, which tell you that you went to the real site. A hack could not go on for long without attracting enormous attention from the news media.

I’ve experienced only one hack, in 2002, against an on-line copy of a chapter on terrorism from my “Do Ask Do Tell II: When Liberty Is Stressed” book (“pubbed” in 2002; the online essay had gone up first).  That defacement occurred starting with a passage that discussed possible terrorist use of nuclear weapons.  It contained some bizarre references to areas in NW Russia.   I’m not sure what anyone could make of it.  It was passed on to the FBI.  The corruption seemed to occur by leaving a Unix Site command open.  

So far, it has been large media, corporate and government sites that have been targeted for hacks.  Undermining of small business would have a different aim, a kind of psychological warfare of intimidation of the grass roots, which seems to be how things work within Putin’s Russia right now.  Or that may be how the legal bullies (copyright and patent trolls) work, but with nearly “fake” litigation.  We could say that about SLAPP lawsuits. 

It is taking up to 48 hours for the New York Times to become available again to all users, because correct DNS mapping has to propagate. I can get it now through Comcast. I never did actually experience the outage. Twitter worked normally for me yesterday.

I did have about a 10-hour outage Sunday night and Monday morning on my own site, but this appears to have been the result of weekend ISP shared hosting Windows Server maintenance, which became more complicated than had been expected.
