A number of websites – including CNBC and other media organizations - were targeted by the Syrian Electronic Army on Thursday.
Screenshots posted on Twitter showed an error message on a number websites that read: "You've been hacked by the Syrian Electronic Army (SEA)". The SEA logo – of an eagle and a version of the Syrian flag - appeared on other sites
Companies including Dell, Microsoft, Ferrari and humanitarian organization Unicef were among those targeted, according to screenshots on Twitter and a website claiming to be form the SEA. Media organizations such as Forbes, The Chicago Tribune, The Guardian, The Telegraph and Italy's La Repubblica were also affected. The error message appeared to some users of CNBC.com.
Gigya, a customer management platform used by over 700 leading brands, was identified as one cause of the issue. In a statement published in its website on Thursday afternoon, the company said it had been the subject of a service attack.
It stressed that the attack was a result of a breach with its domain registrar which in some cases resulted in Gigya services being redirected to the attacker's sites.
"To be absolutely clear: neither Gigya's platform itself nor any user, administrator or operational data has been compromised and was never at risk of being compromised," the company said.
CNBC wasn't able to independently verify the authenticity of the SEA's website or screenshots posted on Twitter.
Security experts said that the attack in no way maliciously compromised the websites, but in effect, redirected users to a page created by the SEA.
"It is PR move to show they have the skills, but what they are doing is not dramatically sophisticated," Ernest Hilbert, managing director of cybercrime at investigations firm Kroll, and former FBI agent, told CNBC.
"This is a defacement of a website and they redirected traffic from the real site to a site with their stuff on it instead."
Hilbert added that the attack was launched today because it is Thanksgiving in the U.S. where many people would be sitting at home browsing news websites on their laptops and mobile devices.
The Syrian Electronic Army has claimed to be behind a number of high-profile cyber-attacks over recent years. The group is a hacker collective that supports Syrian President Bashar al-Assad, according to what appears to be the group's official website.
In January this year, the group claimed it had temporarily compromised the Twitter account of U.S. President Barack Obama. It has also claimed to be behind earlier attacks of media organizations including the Associated Press and The Financial Times.
On its website, the Syrian Electronic Army says it was created in 2011 "when the Arab and Western media started their bias in favor of terrorist groups that have killed civilians, the Syrian Arab Army and have destroyed private and public property."
http://www.cnbc.com/id/102222249#.
http://www.reuters.com/article/2014/11/27/us-syria-crisis-hack-idUSKCN0JB1HM20141127
Screenshots posted on Twitter showed an error message on a number websites that read: "You've been hacked by the Syrian Electronic Army (SEA)". The SEA logo – of an eagle and a version of the Syrian flag - appeared on other sites
Companies including Dell, Microsoft, Ferrari and humanitarian organization Unicef were among those targeted, according to screenshots on Twitter and a website claiming to be form the SEA. Media organizations such as Forbes, The Chicago Tribune, The Guardian, The Telegraph and Italy's La Repubblica were also affected. The error message appeared to some users of CNBC.com.
Gigya, a customer management platform used by over 700 leading brands, was identified as one cause of the issue. In a statement published in its website on Thursday afternoon, the company said it had been the subject of a service attack.
It stressed that the attack was a result of a breach with its domain registrar which in some cases resulted in Gigya services being redirected to the attacker's sites.
"To be absolutely clear: neither Gigya's platform itself nor any user, administrator or operational data has been compromised and was never at risk of being compromised," the company said.
CNBC wasn't able to independently verify the authenticity of the SEA's website or screenshots posted on Twitter.
Security experts said that the attack in no way maliciously compromised the websites, but in effect, redirected users to a page created by the SEA.
"It is PR move to show they have the skills, but what they are doing is not dramatically sophisticated," Ernest Hilbert, managing director of cybercrime at investigations firm Kroll, and former FBI agent, told CNBC.
"This is a defacement of a website and they redirected traffic from the real site to a site with their stuff on it instead."
Hilbert added that the attack was launched today because it is Thanksgiving in the U.S. where many people would be sitting at home browsing news websites on their laptops and mobile devices.
The Syrian Electronic Army has claimed to be behind a number of high-profile cyber-attacks over recent years. The group is a hacker collective that supports Syrian President Bashar al-Assad, according to what appears to be the group's official website.
In January this year, the group claimed it had temporarily compromised the Twitter account of U.S. President Barack Obama. It has also claimed to be behind earlier attacks of media organizations including the Associated Press and The Financial Times.
On its website, the Syrian Electronic Army says it was created in 2011 "when the Arab and Western media started their bias in favor of terrorist groups that have killed civilians, the Syrian Arab Army and have destroyed private and public property."
http://www.cnbc.com/id/102222249#.
http://www.reuters.com/article/2014/11/27/us-syria-crisis-hack-idUSKCN0JB1HM20141127