(Photo: EMMANUEL DUNAND AFP/Getty Images)
By Byron Acohido, USA TODAY
SEATTLE -- Given multiple waves of denial of service attacks against U.S. banks by an Islamic group, the disabling Wednesday morning of the New York Times website had the cybersecurity community on alert.
public website became inaccessible as of around 11 a.m. Eastern time
for at least an hour, longer in some parts of the nation, according to
A talk last month at the Black Hat conference in Las Vegas featured a proof-of-concept demonstration by
WhiteHat Security chief technology officer Jeremiah Grossman showing
how anyone could circulate a paid online ad in a way that would cause a
targeted website to be inundated by mundane service requests triggered
by the mere circulation of the ad.
But something even more mundane apparently caused the New York Times website outage: human error.
least that's the consensus of IT pros who discuss things on
puck.nether.net. One poster says "a self-inflicted wound, having to do
with a software update that was rolled out to both the production and
backup servers simultaneously," caused the failure.
Ollmann, chief technology officer at IOActive, says "based upon a couple
of screen shots that people have posted it could have been something as
simple as a misconfigured DNS server or load balancer. From the
underground side, there's no discussions or perps claiming
responsibility. I tend to believe that this was likely self-inflicted."
Tom Kellermann, Trend Micro's vice president of cyber security, for one, doesn't buy that explantion.
notes that both the paper's web server and internal e-mail server were
inaccessible, even after robust security measures taken in the wake of
Chinese hackers targeting the New York Times and other big media outlets late last year and earlier this year.
a good spin to blame this on a crappy update or bad management, but I'm
leaning toward the fact that they're under attack again," says
Meanwhile, a blog posted
on Monday by researchers at security firm FireEye, adds to the
intrigue. Researchers Ned Moran and Nart Villeneuve assert that the
Chinese hacking collective that cracked into the New York Times'
computer network late last year appear to be at it again, mounting fresh
assaults with new and improved versions of malicious software.
all the attention paid to security to have a web server and e-mail
server go down in tandem just doesn't sound right. You usually lose one
or the other, and when you lose your e-mail server it's usually from
something nefarious," Kellermann says. "So is it hackers from the past
returning to haunt them again or new hacktivists attacking them for
something they've done or reported recently?"
FireEye's manager of threat intelligence, says he does not believe the
Chinese hacking group tied to earlier New York Times hack -- and back in
action again -- caused the outage today.
"It goes against against
their whole motive," Kindlund says. "They're into this to steal large
scale quantities of intelligence and if they were to disrupt their
victims it would be clear what's going on and they'd no longer be able
to steal any intelligence."