The Syrian Electronic Army, a group of hackers supporting the Assad regime that likes to attack western media sites and human rights groups, appears to have hacked a large number of global news websites today, including The Daily Telegraph, The Independent, The Evening Standard, The LA Times, CNBC, NBC, The Boston Globe, Forbes and Business Insider, and OK Magazine and America’s National Hockey League.

Visitors to those sites saw a JavaScript pop-up, saying: “You’ve been hacked by the Syrian Electronic Army(SEA)”.

The message apparently appeared only intermittently, and only affected users of Apple devices.

All is not quite as it seems, however. All those news organisations – and the NHL – share a single content delivery network (CDN) – Gigya.

The Independent explains:

“The hack hit websites using the popular Gigya comment platform. Hackers re-directed some users to their site or to display their messages, by exploiting the DNS entry — which translates URLs such as independent.co.uk into directions to the site — at GoDaddy, the site’s domain registrar.

“The Gigya platform itself was not hacked, and no user data is or was in jeopardy, said experts.”

Cyber security experts agree that it was a DNS (Domain Name System) attack affecting the Gigya CDN. DNS hijacking rarely affects customer information, instead causing disruption to affected sites by gaining control over domain names.

In this case, a third party was to blame. It’s just unfortunate for Gigya that so many of its client organisations were affected. Gigya is yet to comment on the situation.

DNS can be vulnerable in many ways. The best way to ensure your organisation – and all the many customers who rely on your service – doesn’t fall victim to a DNS attack is to implement and maintain an information security management system (ISMS), as set out in the international best-practice standard ISO 27001. Click here to find out more about securing your organisation >>