In yet another swing on media outlets, the Syrian Electronic army was on a Thanksgiving hacking expedition that breached tens of major media websites and Social media sites hosted by GoDaddy. Gigya, a customer Identity management firm whose clients were widely affected says no confidential data was leaked during the Thursday morning attack.
Apparently, a Syrian hacktivist group was on a ‘Thanksgiving’ hacking spree, breaching several media outlets including, the Independent, the Telegraph, CNBC, the Canadian Broadcasting Corp and the Boston Globe. Visitors to compromised sites on Thursday, were met with a message saying, “You’ve been hacked by the Syrian Electronic Army.”
Gigya, a start-up offering customer identify management services to the compromised sites, reported “sporadic failures” in its service for hours. By altering the Gigya’s Domain Name System (DNS), which hosted by another company known as GoDaddy, the group was able to direct Gigya’s traffic to its servers causing an outage.
The California based firm has confirmed that no incriminating customers’ information was compromised during the attack. “To be absolutely clear: neither Gigya’s platform itself nor any user, administrator or operational data has been compromised and was never at risk of being compromised,” Chief Executive Patrick Salyer said in a blog post, adding that the breach was immediately neutralized, but it may take a couple of days to have Gigya service fully operation.
Syrian Electronic Army is believed to be a brain child Islamic Extremist group ISIS raking havoc on the cyber space. As expected, the group broadcasted their achievement of social media saying, “Happy thanks giving, hope you didn’t miss us! The press: Please don’t pretend #ISIS are civilians,” said the Pro Assad group in tweet.
Although, little was lost during the Thursday morning hack, the incidents explicitly proves the potential threat posed by Hacktivist groups on Private networks. Security experts have called on targeted media outlets and organizations to shore up their defense mechanism in a bid to keep off internet criminals in future. “We have put additional measures in place to protect against this type of attack in the future,” Salyer added.
CBC, one of the media outlet affected by the breach, reassured customers’ safety through its twitter handle saying, “The hack resulting in a pop-up on our site has been fixed. You may still see the pop-up as the fix takes time to propagate through DNS,” read CBCtweet. “There’s no risk to users,” read another CBC tweet. “It’s not a virus, just a hack that pops up that window.”
It is not the first time the group is unleashing is arsenal on Media outlets. A 2014 hack at Forbes and Vibes compromised customers’ data. In 2013, the New York Times, BBC, Reuters, Huffington Post and the Associated Press also suffered the blunt of the Syrian Electronic Army, unmilitary like antics.