Melbourne IT tells how hacker launched NY Times cyberattack
The newspaper's domain name registrar says that someone took over a reseller account on Melbourne IT's systems to take down the Web site of The New York Times.
Earlier today, somebody or some organization managed to access a reseller account on Melbourne IT's network toThe New York Times' Web site.
A spokesman for Melbourne IT, which is the domain registrar that keeps control over the nytimes.com name, told CNET in an e-mail that "the credentials of a Melbourne IT reseller (username and password) were used to access a reseller account on Melbourne IT's systems."
The identity of the culprit remains unclear, although the Syrian Electronic Army, a shadowy hacker group that backs President Bashar al-Assad of Syria, is a suspect. In a statement, Marc Frons, chief information officer for The New York Times Co., said the attack was carried out by the Syrian Electronic Army, "or someone trying very hard to be them."
In what appears to be a related incident Tuesday, the SEA also reportedlytemporarily.
Melbourne IT said its investigation found that the DNS (domain name system) records of several domain names on the reseller account in question got changed -- including that of the nytimes.com.
"We are currently reviewing our logs to see if we can obtain information on the identity of the party that has used the reseller credentials, and we will share this information with the reseller and any relevant law enforcement bodies," the Melbourne IT spokesman said.
Melbourne IT also suggested that the intruders might have had a harder time of it had the real owner of the reseller account used available registry lock features. It did not identify the name of the reseller.