The New York Times, Twitter, and other major sites were knocked offline yesterday in an attack by the Syrian Electronic Army (SEA). While there is certainly a political motivation to the hacks, there is an underlying lesson that all businesses should learn.

Apparently, the latest attack was the result of sites being redirected at the DNS server level. AlienVault Labs has posted a comprehensive list of domains pointing to the Syrian Electronic Army server as of last night. The WhoIs data for the New York Times domain showed the SEA listed as the admin for the domain, and the name server entries were modified to redirect to the SEA.

The Syrian Electronic Army was also reportedly behind recent attacks on The Washington Post. The recent attacks by the SEA have a common thread, and recognizing it is the first step to defending against future attacks.

Darien Kindlund, FireEye‘s manager of threat intelligence, says the attacks aren’t coming through the front door and attacking the sites directly. Instead, they’re going after the low-hanging fruit—exploiting weaknesses in third-party affiliates. “With the Washington Post, a third-party advertiser platform was hacked,” he says. “With the New York Times, the SEA went after the hosting provider.”

To read this article in full or to leave a comment, please click here