The Syrian Electronic Army is claiming credit today for hacking content recommendation service Outbrain, which appears to have affected several media outlets that include TIME, CNN and the Washington Post.
— SyrianElectronicArmy (@Official_SEA16) August 15, 2013
Outbrain has confirmed the attack (without mention of SEA).
Due to an attack, our recommendations are down. Our team is working to get our system secure & up shortly. Apologize for any inconvenience.
— Outbrain (@Outbrain) August 15, 2013
The Washington Post also confirmed its disruption this morning. In a statement posted to its website, the newspaper outlet stated:
The Washington Post Web site was hacked today, with readers on certain stories being redirected to the site of the Syrian Electronic Army. The group is a hacker collective that supports Syrian President Bashar al-Assad.
The Post is working to resolve the issue.
The disruption could also be seen in a screen shot captured of the TIME website, where the article recommendations at the bottom of the page read “Hacked by SEA” in the heading. Clicking on any of the articles for a time redirected the user to the SEA website. I was not able to recreate it on the CNN website at the time of this writing.
While WaPo indicated its site was “hacked,” this was not necessarily entirely the case. As Hacker News has described in an exclusive interview with one of SEA’s hackers, it is more likely the hacking of the Outbrain service that has caused the disruption for WaPo.
Syrian Electronic Army has hacked into Outbrain service and take control of admin panel. The security breach affects CNN, Washington Post, Time and more high profile websites.Outbrain is a content recommendation service whose widget offers to help internet publishers increase web traffic at their websites. It does so by presenting them with links to articles and other content.
Hacker News offered this tweet, which illustrates what users are experiencing at the affected news sites.
Reading @wapo article & redirected to website of Syrian Electronic Army–twice. A nice hack, but now I'm probably on a watch-list.
— Nathan K. Hensley (@nathankhensley) August 15, 2013
Earlier this week, the SEA also claimed responsibility for attacks on the Facebook page of the NY Post and several of its editors’ Twitter accounts, as well as the social media optimization platform SocialFlow, which includes many media outlets as its customers.
In an interview with the Daily Beast, one hacker claiming to be with SEA, “SEA the Shadow,” told author Brian Ries that the recent hackings were retaliation for Twitter’s repeated attempts to shut down the SEA on its social network.
“Our account has been closed 15 times,” the hacker said in an interview conducted over the hackers’ medium of choice, Twitter. “We warned that we will hack the Twitter accounts of the mass media if Twitter closed our accounts again. They closed our accounts, and so we have implemented the threat.”
The hacker said his group’s main goal “has become known to all.”
“We want to see the world the truth about what is happening in Syria,” the hacker said. When asked what that “truth” is, the person stated: “There is no revolution in Syria, but terrorist groups killing people accusing Syrian Arab Army.”
Indeed, regardless of its most current excuse for retaliation, the SEA has never been coy about sharing its true stated purpose. It has boldly supported Syria’s Assad regime and frequently posts pro-Assad propaganda in most of its hijacking and hacking antics.
News outlets have been a primary target of the SEA for several years now, with more attention focused on the SEA’s attacks in more recent months, and it appears these will continue to remain targets. Thus far, most of the attacks have been relatively harmless, some of them even comical in their response. But as I wrote near the conclusion of this post and in several others, there has been concern for quite some time that such hijacking of news accounts – by SEA or any other – could turn into something more serious. As SEA said to the Daily Beast and in previous statements, its infamous hack on the Associated Press was done with the intent to cause “damage to the U.S. economy.” While that incident caused some temporary damage, it was reversible because the SEA’s false tweet was obvious enough to be caught and rectified quickly.
I’ve covered the Syrian Electronic Army extensively here at Legal Insurrection, view more articles here.
Since the writing of this post while it awaited scheduling, the Washington Post has since confirmed that it was the Outbrain attack that affected its own site. WaPo tech reporter Brian Fung explains, Here’s how the Syrian Electronic Army’s hack worked.