Share

Related Stories

  • Syrian Electronic Army hacks NPR
    After successfully compromising BBC Twitter feeds last month, the pro-regime Syrian Electronic Army has struck another news organization: the United States’ venerable National Public Radio (NPR).
  • BBC Weather’s Twitter hacked by Syrian Electronic Army
    Three BBC Twitter accounts were briefly taken over by the pro-Assad Syrian Electronic Army on Thursday afternoon: @bbcweather, @BBCarabicOnline, and @bbcradioulster. All have now been recovered.
  • Hacktivist group targets Syria in wake of internet blackout
    Global hacktivist collective Anonymous is targeting Syrian websites worldwide to protest an internet blackout in that country, which was instituted Thursday in what most think is an attempt by President Bashar al-Assad to cut off communication routes for the opposition.
  • Al-Jazeera SMS platform hacked by Syrian hacktivists
    The war of disinformation surrounding the Syrian unrest and other political hot potatoes is continuing, with the Al-Jazeera news service falling victim in the latest attack.
  • Reuters got caught up in a Syrian war of disinformation
    Reuters has finally come clean on its hack – “a now closed vulnerability in the WordPress software” – but indicates that it is a small part of a widespread war of disinformation being waged between the two sides in Syria.

Top 5 Stories

News

CBS News confirms hack of Twitter feeds

23 April 2013

The Twitter accounts for CBS News’ "60 Minutes" and "48 Hours" were hijacked over the weekend by the pro-regime Syrian Electronic Army, and used to push out messages “reporting” terrorist activity on the part of the US government. In response, Twitter has suspended the SEA’s account – or at least is trying to.

A prime sample of the weekend hack is this tweet: “Exclusive: Terror is striking the #USA and #Obama is Shamelessly in Bed with Al-Qaeda.” Another read, “New Evidence of CIA Arming Al Qaeda Terrorists in #Syria.” Aside from pushing out the fake news, the tweets also included links, which AllThingsD reported were believed to lead to malware-carrying web pages.

CBS was quick to denounce the phony feeds from its uncompromised @CBSnews account: "We have experienced problems on Twitter accounts of #60Minutes & @48Hours; We apologize for the inconvenience; Twitter is resolving issues.” The offending tweets have been taken down.

The Syrian Electronic Army, cyber-supporters of Syrian President Bashar Assad – is making news hacks its go-to M.O. Last week it compromised feeds from National Public Radio, while last month it commandeered the BBC's weather service, of all things. In the past, Reuters and Al-Jazeera have been victims.

Sophos Security’s Graham Cluley noted that Twitter is now playing what he terms “Whack-a-Mole” with the SEA as it tries to shut down the group’s account. The @Official_SEA has now been suspended, but the SEA just created a new account, called @SyrianCyberArmy.

“And when that one was shut down, they created yet-another-Twitter-account - @SEA_Official3,” Cluley said. “Guess what? Yep, that one has been shut down too. And, as certain as night follows day, the SEA responded by creating @Official_SEA5. You can probably guess what happens next in this story. That's right, @Official_SEA5 was suspended by Twitter. Not that that has stopped the hackers, of course.”

While Twitter does not yet have two-factor authentication, these kinds of hacks do point out the critical necessity to adopt more stringent login procedures whenever possible.

“Other organizations who are worried about their own accounts being hacked might want to consider more secure password policies and the possibility of turning on two factor authentication,” Cluley said.

This article is featured in:
Application Security  •  Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×