It's back. On Tuesday, and part of Wednesday, the New York Times website was brought down by Syrian Electronic Army, a group of hackers who support Syrian President Bashar al-Assad. The cyberattack, AllThingsD reported, forced the New York Times to direct readers to a mini-site on its corporate nytco.com website.
The attack on the NYT's domain name registrar, which redirected traffic to an SEA website, coincided with another similar one that hit Twitter, in which both of the main Twitter site and twimg.com, a domain used for hosting images posted to the service, were briefly redirected.
Attempts to reach the New York Times site on Wednesday were successful for some, but failed for others. However, in tweets posted early on Wednesday, the SEA said it had halted its hacking efforts.
In two separate tweets, the SEA admitted its server couldn't hold up to New York Times-level traffic.
The @nytimes attack was going to deliver an anti-war message but our server couldn't last for 3 minutes #SEA
Our website and domain are now down, but it was worth the attempt, for #Syria and world peace. #SEA
In a third tweet, the hackers claimed their attack on Twitter was meant to put the site “in darkness” out of respect for Syrians killed in that country’s two-year old civil war -- due to "lies" tweeted on the site.
We placed twitter in darkness as a sign of respect for all the dead #Syria-ns due to the lies tweeted it. #TWimg #SEA
In both the New York Times' attack and the Twitter takedown, the domain name registrar was Melbourne IT. On Wednesday morning, the SEA took credit for an attack on that company’s website, and left a message saying that its "server security is very weak.”
Melbourne IT has confirmed that it was targeted as part of the attacks on the Times and Twitter.
A domain name server basically translates a string, such as www.nytimes.com, to an IP address that is the actual site. In this sort of attack, that redirection is subverted such that the redirection is made to a different website.