'N.Y. Times' blames hackers in latest website crash

Roger Yu and James R. Healey | USA TODAY

The New York Times website was hacked Tuesday, the latest in a series of high-profile attacks on media websites.

It is the second failure of the Times' site in two weeks. It went dark on Aug. 14 due to what the publication said then was an internal problem, not the result of hacking.

The Times said Tuesday the website first crashed at about 3 p.m. ET following an online attack on the company's domain name registrar, Melbourne IT.

Marc Frons, chief information officer for The New York Times Co., issued a statement that the outage was "the result of a malicious external attack" and advised employees to "be careful when sending e-mail communications until this situation is resolved," according to a story that appeared on the newspaper's website.

Frons also said the attack was carried out by the Syrian Electronic Army "or someone trying very hard to be them." The SEA, a group of hackers who support Syrian President Bashar Assad, have organized and carried out online attacks on prominent websites in recent months.

Matt Johansen, head of the Threat Research Center at WhiteHat Security, tweeted Tuesday that he was sent to an SEA domain when he tried to go to the Times' website.

Twitter said Tuesday its website also was affected by a similar attack, but it didn't refer to SEA.

Later in the day, a Twitter account that seemingly belongs to SEA showed an image that indicates SEA also attacked Twitter's domain.

The Times said its site was restored shortly after the initial crash, but the hackers quickly disrupted it again. Trying to call up the website rendered varying experiences for readers in different places.

For many, the site was completely down. Others reported that typing the website's Internet protocol address — a numbered address — loaded a stripped-down version of the site, with links to stories that didn't work. Some found that the IP address led to a version that was similar but not identical to the main site, again with links that didn't work.

Gunter Ollmann, chief technology officer of Internet security firm IOActive, said the site was functional at his office in Atlanta. "The fact that I can see the site but you can't could mean" it could be a regionally limited attack, he said.

Ollmann added that the regionally varying results could also stem from the Times restoring servers located in different locations.

The Times turned to Twitter to tweet news updates.

Media websites are becoming increasingly complex and vulnerable as they integrate more software and content from partners, including third-party vendors, "widget" developers and advertising networks.

But corporate websites' Domain Name System (DNS), which assigns the site's domain names and indexes them on designated servers, remains particularly vulnerable to hacker attacks, Ollmann said. "It's a very complex equation," he said, adding, "there are soft points."

Twitter also said its trouble stemmed from its DNS provider, which "experienced an issue" that resulted in users having trouble viewing images and photos Tuesday. The attack on the unnamed vendor resulted in the outage of a Twitter domain used for images, twimg.com. Twitter did not confirm that SEA was involved. "No Twitter user information was affected by this incident," it said.

A day after the Times' Aug. 14 crash, the SEA also took down the websites of The Washington Post, CNNand Time. The companies said SEA hacked the Internet service of Outbrain, a content recommendation company whose software widget is embedded in their websites.

Such attacks underscore the vulnerability of electronic links and communication that now underpin much of the information flow in the U.S. But targeting media sites brings more attention for hackers, Ollmann said. "If the website of GE or The New York Times went down, which is going to generate more attention?"

The Wall Street Journal, a competitor of the Times, reacted quickly to the news of the outage. The newspaper, which requires subscribers to pay a monthly fee to access its articles, tweeted Tuesday that it is temporarily removing its pay wall for all readers.

The Times allows readers to read several articles for free each month, but requires a subscription for full access to its site.

Contributing: Jon Swartz