Syrian Electronic Army claims hack of news sites, including CBC - Action News
Home WebMail Saturday, November 23, 2024, 05:21 AM | Calgary | -11.9°C | Regions Advertise Login | Our platform is in maintenance mode. Some URLs may not be available. |
Science

Syrian Electronic Army claims hack of news sites, including CBC

The Syrian Electronic Army is claiming responsibility for the hacking of multiple news websites, including CBC News.

SEA appears to have used Gigya.com to hack into news, business sites

Some CBC users reported seeing this message after multiple global websites, including CBC News, were hacked. The Syrian Electronic Army is taking credit for the attack. (Jacquie Surges/Twitter)

The Syrian Electronic Army is claiming responsibility for the hacking of multiple news websites, including CBC News.

CBCNews.ca was affected Thursdayby the hacking. The site returned to normal later Thursday morning.

Earlier, someusers trying to access the CBC website reported seeing a pop-up message reading:"You've been hacked by the Syrian Electronic Army (SEA)."

According to technicians who worked on the fix, it may take several hours for systems to restore to normal. However, CBC News has been told that no personal data was accessed in the hack that affected CBC sites, and nothing foreign was installed on computers or devices while readers accessed the CBC during the incident.

Users are advised to clear their browser cache, although a complete fix may require internet service providers to also do some work on their end.

Gigyaplatform used to hack other sites

The hack targeted a network used by many news organizations and businesses.

A tweet from an account appearing to belong to the Syrian Electronic Army suggested the attacks were meant to coincide with the U.S.Thanksgiving on Thursday.

To be absolutely clear: neitherGigya'splatform itself nor any user, administrator or operational data has been compromised and was never at risk of being compromised.-PatrickSalyer,GigyaCEO

The group claimed to have usedthe domain Gigya.com, a company that offers businesses a customer identity management platform, to hack into other sites via GoDaddy, its domain registrar. Gigyais "trusted by more than 700 leading brands," according to its website.

The hacker or hackers redirected sites to the Syrian Electronic Army image that users saw.

Gigya's operations team released a statement Thursday morning saying that itidentified an issue with its domain registrar at 6:45 a.m. ET. The breach "resulted in the redirect of the Gigya.com domain for a subset of users," the company said.

The companycorrected the issue at 7:40 a.m. ET and says the solution typically takes minutes to take effect, but can take longer in some cases.

"To be absolutely clear: neither Gigya'splatform itself nor any user, administrator or operational data has been compromised and was never at risk of being compromised," CEO Patrick Salyer said in a company blog post about the service attack.

Salyer said the company has taken additional measures to protect itself from future attacks.

CBC uses Gigya for social share tools only, and doesn't collect any user data through this feature.

CBC readers seeing the pop-up message should not be concerned about the security of their personal computers or devices. Their electronics have not been hacked.

Aside for the pop-up, the CBC website, content and audience werenot adversely affected. The hackers only created a redirect to transfer visitors from CBCNews.ca to the Syrian Electronic Army site.They did not access CBC's systems or servers.

News sites, businesses impacted

The Telegraph reported that part of its website run by a thirdparty was compromised earlier Thursday.

"We've removed the component," the Telegraph tweeted. "No Telegraph user data was affected."

The Independent reported that it was also affected by the apparent hacking, as well asthe Chicago Tribune, CNBC, PC World and Forbes citing social media.

Others reported that some business sites were also hacked.

Twitter user Benjamin Spears said the Walmart Canada site was displaying the same message.

Previous hacks against media

This is not the first time the group has claimed responsibility for hacking major websites.

In August 2013, the Syrian Electronic Army said it shut down the New York Times website for several hours.

It also attempted to hack into Twitter, but only managed to sporadically cause some trouble for users trying to view images and photos.

In the months prior to that attack, the Syrian Electronic Army had taken credit for a number of web attacks on media it considers sympathetic to Syria's rebels, including previous attacks on the New York Times, as well as the Washington Post, AgenceFrance-Press, 60 Minutes, CBS News, National Public Radio, The Associated Press, Al-Jazeera English and the BBC.