News network CNN is the latest victim of an attack against its social media feeds, perpetrated by the hacker group known as the Syrian Electronic Army (SEA).
Multiple CNN Twitter accounts were briefly compromised on the evening of Jan. 23, including the main @CNN account as well as CNN’s Security Clearance @natlsecuritycnn accounts.
According to CNN, posts made by the SEA to the CNN account were deleted within minutes on Thursday night.
The SEA—an online hacktivist group that is loosely affiliated with the government of embattled Syrian President Bashar al-Assad—gained significant notoriety in 2013 with a number of high-profile exploits against media organizations. In August, the SEA successfully targeted The Washington Post. That attack was followed by an attack that victimized the New York Times.
Earlier this month, the SEA was able to successfully compromise multiple Microsoft Skype social media accounts.
Adam Meyers, vice president of Intelligence at CrowdStrike, wrote in an email to eWEEK that the CNN Twitter attack is consistent with the behavior of the SEA during 2013 as outlined in the CrowdStrike Global Threat Report.
“We have observed a notable increase in their activity over the entirety of 2013 and they came into 2014 going strong, running a series of credential harvesting campaigns, twitter account takeovers, and website defacements against CNN and Microsoft,” Meyers said.
Anup Ghosh, founder and CEO of Invincea, told eWEEK in an email that at a broad level, his view is that CNN’s own response on Twitter to the Twitter account hack says so much about where we are in information security today.
Ghosh noted that CNN’s response really means that no one is immune from the threat of cyber-attack.
“Whether it be attacks against government agencies and departments for espionage purposes, infiltration by nation states of corporations for intellectual property theft, campaigns by cyber-criminals against major retail establishments or account takeovers and website defacements from the likes of SEA—our defenses aren’t standing up to the threat,” Ghosh said.
Twitter does have a mechanism in place for security, including two-factor authentication, which debuted in March of 2013. With two-factor authentication, in addition to a password, a second factor or password that is automatically generated and sent via SMS is required to get Twitter access.
“We’re talking about an account takeover here—and the use of dual factor authentication on Twitter accounts may have prevented this and others,” Ghosh said. “From some reports, even after being breached previously, CNN did not take this simple step. This capability is advisable as a baseline step.”
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.