SlideShare a Scribd company logo

Translation article

Download as DOCX, PDF
Novita Ajeng Primantari
Novita Ajeng Primantari

The websites of the New York Times and Twitter suffered problems after a hack by the Syrian Electronic Army (SEA) that maliciously edited the domain name details registered by Melbourne IT. The SEA was able to gain access to Melbourne IT's system where the domains were registered, allowing them to change DNS settings and point the domains to SEA's own websites instead. While Twitter remained active, other properties like image storage domain twimg.com were disrupted. Media organizations are increasingly facing more sophisticated attacks beyond simple denial-of-service attacks.

1 of 6
Name :NovitaAjengPrimantari Class of CCIT-UIN Translation NewYorkTimesandTwitterstruggleafterSyrianhack The websites of the New York Times and Twitter are still suffering problems related to a damaging hack carried out on Tuesday. The newspaper and social network were hit after their domain name details were maliciously edited by hackers.The Syrian Electronic Army (SEA), a group supporting Syrian president Bashar al-Assad, says it carried out the attack.It is the most severe attack so far carried out by the group.In recent months, the hackers have targeted major media companies including the Financial Times, Washington Post, CNN and BBC.But in this latest attack, the SEA was able to cause more sustained damage with a technique which also saw news and comment site the Huffington Post hit.The attacked domains were managed by hosting company Melbourne IT, which has said it is looking at "additional layers of security" for protecting domain details. DNS changes The attack focused on editing DNS - Domain Name System - information.The DNS is used to direct web traffic to a specific server containing the website a user wants to visit.In simple terms, it means we can browse the web using easy-to-remember addresses like bbc.com, rather than by IP addresses - a string of numbers separated by dots. Media attacks seem to be escalating and moving away from annoying, simple denial-of- service attacks and toward full domain compromise”
The SEA was able to gain access to Melbourne IT's system, where Twitter and the New York Times registered their respective domains.It meant that the hackers could change DNS details so that instead of, for example, "nytimes.com" taking you to the Times' servers, the domain was instead pointed to a website hosted by the SEA. In Twitter's case, the SEA targeted twimg.com - a separate domain that the social network used to store image data, as well as styling code.While Twitter itself remained active, the disruption to twimg.com meant many pages displayed incorrectly.In a statement, Twitter said that no user data had been affected. The SEA used its Twitter account to publicise the attacks on both sites, posting images of its work."Hi @Twitter," the group said in one tweet, "look at your domain, its owned by #SEA :)" 'Through the front door' Melbourne IT blamed the breach on a reseller - a third party that sells domains through the company's system.Melbourne IT said the reseller's log-in credentials had been obtained, and that with them the SEA could enter through the "front door" and carry out the attack."If you've got a valid user name and password," chief executive Theo Hnarakis told ABC (Australia), "the assumption from our systems is that you are the authorized owner and user of that domain name." In a further statement, the company said: "We are currently reviewing our logs to see if we can obtain information on the identity of the party that has used the reseller credentials, and we will share this information with the reseller and any relevant law enforcement bodies."The company advised those wanting to make sure their domains were fully protected to use "additional registry lock features" that they offered. Perseverance
During its downtime, the New York Times has been publishing new articles on its Facebook page as well as a mirror site.Meanwhile, Mark Frons, the company's chief information officer, cautioned staff to "be careful when sending email communications until this situation is resolved".Ken Westin, a security researcher for Tripwire, an online security company, told the BBC: "Media attacks seem to be escalating and moving away from annoying, simple denial-of- service attacks and toward full domain compromise which, if successful, puts millions of NYT website users at risk."In January, the New York Times said hackers had accessed its website and stolen the passwords of 53 employees after it published a report on the wealth of then Chinese Premier Wen Jiabao's family.As it did after that NYT disruption, competitor Wall Street Journal took down its paywall on Tuesday and offered its content free to all visitors. Michael Fey, chief technology officer at cybersecurity firm McAfee, said that as long as media organisations played a crucial role in reporting news and influencing debate, they would continue to be targets of cyber-attacks."Regardless of technology or tactics deployed, we should expect to see more of these attacks,'' he said.
Perjuangan New York Times dan Twitter setelah hack Suriah Situs-situs New York Times dan Twitter masihmenderitamasalah yang berkaitandengan hack merusak yang dilakukanpadahariSelasa. Suratkabardanjaringansosialterkenasetelahrinciannama domain merekadenganjahatdieditolehhackers.TentaraElektronikSuriah (SEA), sebuahkelompok yang mendukungPresidenSuriah Bashar al - Assad , mengatakanmelakukanpenyerangan. Iniadalahserangan yang paling parahsejauhini yang dilakukanolehkelompok.Padabeberapabulanterakhir, para hacker telahmenargetkanperusahaan- perusahaan media besartermasuk Financial Times, Washington Post, CNN dan BBC.Namun, padapenyeranganterakhir, SEA dapatmenyebabkankerusakanlebihberkelanjutandenganteknik yang jugamelihatberitadansituskomentar Huffington Post.Domain yang diserangdikelolaolehperusahaan hosting IT Melbourne, yang telahdikatakanmerekamelihat "lapisantambahankeamanan" untukmelindungirincian domain. PerubahanDNS Serangandifokuskanpadamengubahinformasi DNS - Domain Name System. DNS digunakanuntuklalulintas web langsungke server tertentu yang berisi website pengguna yang inginberkunjung. Padaistilahsederhana, iniberartikitadapatmenelusuri web menggunakanalamat yang mudahdiingatseperti bbc.com, daripadaalamat IP – sebuahnomor string yang dipisahkanoleh dot.
Serangan Media tampaknyameningkatdanmenjengkelkan ,serangandenial - of-service (jenisserangan dengancaramenghabiskansumber yang dimilikiolehkomputertersebut)yang sederhanadanpenuhkompromiterhadap domain. SEA mampumendapatkanakseskesistem IT Melbourne , di mana Twitter dan New York Times mendaftarkanmasing-masing domains. Iniberarti hacker dapatmengubahrincianDNS, misalnya , " nytimes.com " membawaAndake server milik Times , domain itumenunjukkesebuahsitus web yang di-host oleh SEA . DalamkasusTwitter , SEA ditargetkan twimg.com - domain terpisah yang jaringansosialgunakanuntukmenyimpan data gambar, serta styling Twitter code. Sementara, twitter sendiritetapaktif ,gangguanterhadap twimg.com berartibanyakhalaman yang ditampilkantidakbenar. Padasebuahpernyataan, Twitter mengatakanbahwatidakada data penggunatelahterpengaruh. SEA menggunakanakun Twitter untukmempublikasikanserangan di keduasitus, memasukangambardarikerjaanya . "Hi @ Twitter, "kata kelompokitudalamsatutweet , "Lihat domain Anda , inidimilikioleh # SEA :) " "Melaluipintudepan” IT Melbourne menyalahkanpelanggaranpada reseller - pihakketiga yang menjual domain melaluisistemperusahaan. IT Melbourne mengatakan mandate log-in yang dimiliki reseller telahdiperoleh, dandenganmereka SEA dapatmasukmelalui " pintudepan " danmelaksanakanseranganitu. " JikaAndapunyanamapenggunadan password yang valid ," kata ketuaeksekutif Theo Hnarakis ABC (Australia), "asumsidarisistem kami adalahbahwaAndaadalahpemilikresmidanpenggunanama domain . Dalampernyataanlebihlanjut ,perusahaanmengatakan : " Kami sedangmeninjau log kami untukmelihatapakahkitadapatmemperolehinformasitentangidentitaspihak yang telahmenggunakanmandat reseller , dan kami akanmembagiinformasiinidengan reseller dansetiapbagianpenegakanhukum yang relevan. "Perusahaan menyarankanmereka yang
inginmemastikan domain merekasepenuhnyadilindungiuntukmenggunakan" tambahanfiturkunciregistri " yang merekatawarkan . Ketekunan Selamapenghentiannya, New York Times telahmenerbitkanartikelbaru di halaman Facebook-nyasamasepertimirror site (situs yang serupa). Sementara, Mark frons, chief information officer perusahaan, memperingatkanstafuntuk" berhati- hatiketikamengirimkankomunikasimelalui email sampaisituasiinidiselesaikan ". Ken Westin, seorangpenelitikeamananuntuk tripwire, sebuahperusahaankeamanan online, mengatakankepada BBC: " serangan Media tampaknyameningkatdanmenjengkelkan, serangandenial - of-service yang sederhanadanpenuhkompromiterhadap domain yang jikaberhasil , menempatkanjutaanpenggunasitus NYT beresiko”. PadabulanJanuari, New York Times mengatakan hacker telahmengaksessitus web danmencuri password dari 53 karyawansetelahmenerbitkanlaporantentangkekayaankeluarga Premier China Wen Jiabao. SetelahgangguanNYT ,pesaing Wall Street Journal menurunkanpaywallpadaSelasadanmenawarkankonten gratis untuksemuapengunjung . Michael Fey ,kepalakantorteknologi di perusahaancybersecurity McAfee , mengatakanbahwaselamaorganisasi media memainkanperanpentingdalammelaporkanberitadanmempengaruhiperdebatan , merekaakanterusmenjadisasaranserangan cyber . "Terlepasdariteknologiatautaktikdikerahkan ,kitaharusberharapuntukmelihatlebihbanyakseranganini , '' katanya

Recommended

Syrian Electronic Army takes Down New York Times Website, claims Twitter’s Do...
Syrian Electronic Army takes Down New York Times Website, claims Twitter’s Do...Syrian Electronic Army takes Down New York Times Website, claims Twitter’s Do...
Syrian Electronic Army takes Down New York Times Website, claims Twitter’s Do...
World Truth
 
14 cyber threats
14 cyber threats14 cyber threats
14 cyber threats
mahesh43211
 
Cyber Security Whitepaper 2018 | vTech Solution
Cyber Security Whitepaper 2018 | vTech SolutionCyber Security Whitepaper 2018 | vTech Solution
Cyber Security Whitepaper 2018 | vTech Solution
Simrat Singh
 
Improving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association MiningImproving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association Mining
theijes
 
Security troubles in e commerce website
Security troubles in e commerce websiteSecurity troubles in e commerce website
Security troubles in e commerce website
Dr. Raghavendra GS
 
RansomCloud O365: Pay por your Office 365 e-mail
RansomCloud O365: Pay por your Office 365 e-mailRansomCloud O365: Pay por your Office 365 e-mail
RansomCloud O365: Pay por your Office 365 e-mail
Telefónica
 
E commerce-securityy
E commerce-securityyE commerce-securityy
E commerce-securityy
JulianEvangelista1
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shifts
malvvv
 

Recommended

Syrian Electronic Army takes Down New York Times Website, claims Twitter’s Do...
Syrian Electronic Army takes Down New York Times Website, claims Twitter’s Do...Syrian Electronic Army takes Down New York Times Website, claims Twitter’s Do...
Syrian Electronic Army takes Down New York Times Website, claims Twitter’s Do...
World Truth
 
14 cyber threats
14 cyber threats14 cyber threats
14 cyber threats
mahesh43211
 
Cyber Security Whitepaper 2018 | vTech Solution
Cyber Security Whitepaper 2018 | vTech SolutionCyber Security Whitepaper 2018 | vTech Solution
Cyber Security Whitepaper 2018 | vTech Solution
Simrat Singh
 
Improving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association MiningImproving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association Mining
theijes
 
Security troubles in e commerce website
Security troubles in e commerce websiteSecurity troubles in e commerce website
Security troubles in e commerce website
Dr. Raghavendra GS
 
RansomCloud O365: Pay por your Office 365 e-mail
RansomCloud O365: Pay por your Office 365 e-mailRansomCloud O365: Pay por your Office 365 e-mail
RansomCloud O365: Pay por your Office 365 e-mail
Telefónica
 
E commerce-securityy
E commerce-securityyE commerce-securityy
E commerce-securityy
JulianEvangelista1
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shifts
malvvv
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shifts
malvvv
 
Cybercrime: A threat to Financial industry
Cybercrime: A threat to Financial industryCybercrime: A threat to Financial industry
Cybercrime: A threat to Financial industry
Ammar WK
 
Seminar on yahoo mail cyber attack
Seminar on yahoo mail cyber attackSeminar on yahoo mail cyber attack
Seminar on yahoo mail cyber attack
rohit2495
 
The Critical Need to Secure the Web in Your Company
The Critical Need to Secure the Web in Your CompanyThe Critical Need to Secure the Web in Your Company
The Critical Need to Secure the Web in Your Company
Osterman Research, Inc.
 
Social Media Security
Social Media SecuritySocial Media Security
Social Media Security
scstatelibrary
 
Grift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a rideGrift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a ride
Roen Branham
 
Enabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSEnabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMS
Paul Walsh
 
Gordiito!
Gordiito!Gordiito!
Gordiito!
barc3edison10
 
A 4 (i love god ,he loves me)
A 4 (i love god ,he loves me)A 4 (i love god ,he loves me)
A 4 (i love god ,he loves me)
mohamed_rds
 
Tram 527
Tram 527Tram 527
Tram 527
assembleapalafolls
 
Conversatie09
Conversatie09Conversatie09
Conversatie09
Iji Kure
 
Quien quiere ser millonario gladys
Quien quiere ser millonario gladysQuien quiere ser millonario gladys
Quien quiere ser millonario gladys
gladysadriana
 
Edwar Villamil
Edwar VillamilEdwar Villamil
Edwar Villamil
98031958725
 
PORTAFOLIO DE EVIDENCIAS PRACTICA 1
PORTAFOLIO DE EVIDENCIAS PRACTICA 1 PORTAFOLIO DE EVIDENCIAS PRACTICA 1
PORTAFOLIO DE EVIDENCIAS PRACTICA 1
Dianix Contla
 
Usabilidad
UsabilidadUsabilidad
Usabilidad
liceth paola barbosa chacon
 
Valentina
ValentinaValentina
Valentina
Diana Jaimes
 
Spanisch proyecto
Spanisch proyectoSpanisch proyecto
Spanisch proyecto
Linus123456
 
Billiey josess
Billiey josessBilliey josess
Billiey josess
Mauricio Karreto
 
Ariel screen grabs
Ariel screen grabsAriel screen grabs
Ariel screen grabs
gamber-yr12
 
Sleeping bag
Sleeping bagSleeping bag
Sleeping bag
doubleslep
 
Etrangesphotos
EtrangesphotosEtrangesphotos
Etrangesphotos
Farenik
 
Licuado de frutas
Licuado de frutasLicuado de frutas
Licuado de frutas
Be Ses
 

More Related Content

What's hot

Grift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a rideGrift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a ride
Roen Branham
 

What's hot (7)

Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shifts
 
Cybercrime: A threat to Financial industry
Cybercrime: A threat to Financial industryCybercrime: A threat to Financial industry
Cybercrime: A threat to Financial industry
 
Seminar on yahoo mail cyber attack
Seminar on yahoo mail cyber attackSeminar on yahoo mail cyber attack
Seminar on yahoo mail cyber attack
 
The Critical Need to Secure the Web in Your Company
The Critical Need to Secure the Web in Your CompanyThe Critical Need to Secure the Web in Your Company
The Critical Need to Secure the Web in Your Company
 
Social Media Security
Social Media SecuritySocial Media Security
Social Media Security
 
Grift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a rideGrift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a ride
 
Enabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSEnabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMS
 

Viewers also liked

A 4 (i love god ,he loves me)
A 4 (i love god ,he loves me)A 4 (i love god ,he loves me)
A 4 (i love god ,he loves me)
mohamed_rds
 
Conversatie09
Conversatie09Conversatie09
Conversatie09
Iji Kure
 
Quien quiere ser millonario gladys
Quien quiere ser millonario gladysQuien quiere ser millonario gladys
Quien quiere ser millonario gladys
gladysadriana
 
Spanisch proyecto
Spanisch proyectoSpanisch proyecto
Spanisch proyecto
Linus123456
 
Ariel screen grabs
Ariel screen grabsAriel screen grabs
Ariel screen grabs
gamber-yr12
 
Etrangesphotos
EtrangesphotosEtrangesphotos
Etrangesphotos
Farenik
 
Licuado de frutas
Licuado de frutasLicuado de frutas
Licuado de frutas
Be Ses
 
Mario
MarioMario
Mario
mario
 

Viewers also liked (20)

Gordiito!
Gordiito!Gordiito!
Gordiito!
 
A 4 (i love god ,he loves me)
A 4 (i love god ,he loves me)A 4 (i love god ,he loves me)
A 4 (i love god ,he loves me)
 
Tram 527
Tram 527Tram 527
Tram 527
 
Conversatie09
Conversatie09Conversatie09
Conversatie09
 
Quien quiere ser millonario gladys
Quien quiere ser millonario gladysQuien quiere ser millonario gladys
Quien quiere ser millonario gladys
 
Edwar Villamil
Edwar VillamilEdwar Villamil
Edwar Villamil
 
PORTAFOLIO DE EVIDENCIAS PRACTICA 1
PORTAFOLIO DE EVIDENCIAS PRACTICA 1 PORTAFOLIO DE EVIDENCIAS PRACTICA 1
PORTAFOLIO DE EVIDENCIAS PRACTICA 1
 
Usabilidad
UsabilidadUsabilidad
Usabilidad
 
Valentina
ValentinaValentina
Valentina
 
Spanisch proyecto
Spanisch proyectoSpanisch proyecto
Spanisch proyecto
 
Billiey josess
Billiey josessBilliey josess
Billiey josess
 
Ariel screen grabs
Ariel screen grabsAriel screen grabs
Ariel screen grabs
 
Sleeping bag
Sleeping bagSleeping bag
Sleeping bag
 
Etrangesphotos
EtrangesphotosEtrangesphotos
Etrangesphotos
 
Licuado de frutas
Licuado de frutasLicuado de frutas
Licuado de frutas
 
Mario
MarioMario
Mario
 
1 vertigo
1 vertigo1 vertigo
1 vertigo
 
Pts
PtsPts
Pts
 
Comercial do ano - Washington Olivetto
Comercial do ano - Washington OlivettoComercial do ano - Washington Olivetto
Comercial do ano - Washington Olivetto
 
Johanna
JohannaJohanna
Johanna
 

Similar to Translation article

Top data breaches in 2013
Top data breaches in 2013Top data breaches in 2013
Top data breaches in 2013
Shoplet_
 
Top data breaches in 2013
Top data breaches in 2013Top data breaches in 2013
Top data breaches in 2013
post_it
 
Select a specific event that has recently occurred (within the last 30.docx
Select a specific event that has recently occurred (within the last 30.docxSelect a specific event that has recently occurred (within the last 30.docx
Select a specific event that has recently occurred (within the last 30.docx
acarolyn
 
The Real Threat of CyberattacksEmmanuel .docx
The Real Threat of CyberattacksEmmanuel .docxThe Real Threat of CyberattacksEmmanuel .docx
The Real Threat of CyberattacksEmmanuel .docx
helen23456789
 
Security Breaches and the Six Dumb Ideas Consider a recent (2014- 2015.docx
Security Breaches and the Six Dumb Ideas Consider a recent (2014- 2015.docxSecurity Breaches and the Six Dumb Ideas Consider a recent (2014- 2015.docx
Security Breaches and the Six Dumb Ideas Consider a recent (2014- 2015.docx
acarolyn
 
Beza belayneh information_warfare_brief
Beza belayneh information_warfare_briefBeza belayneh information_warfare_brief
Beza belayneh information_warfare_brief
Beza Belayneh
 
Invincea "The New Threat Vector"
Invincea "The New Threat Vector"Invincea "The New Threat Vector"
Invincea "The New Threat Vector"
dogallama
 

Similar to Translation article (20)

Top data breaches in 2013
Top data breaches in 2013Top data breaches in 2013
Top data breaches in 2013
 
Top data breaches in 2013
Top data breaches in 2013Top data breaches in 2013
Top data breaches in 2013
 
Threatsploit-Adversary-Report-August-2022.pdf
Threatsploit-Adversary-Report-August-2022.pdfThreatsploit-Adversary-Report-August-2022.pdf
Threatsploit-Adversary-Report-August-2022.pdf
 
The Enemy Within IoT - A Mirai DDoS Timeline
The Enemy Within IoT - A Mirai DDoS TimelineThe Enemy Within IoT - A Mirai DDoS Timeline
The Enemy Within IoT - A Mirai DDoS Timeline
 
Select a specific event that has recently occurred (within the last 30.docx
Select a specific event that has recently occurred (within the last 30.docxSelect a specific event that has recently occurred (within the last 30.docx
Select a specific event that has recently occurred (within the last 30.docx
 
The Real Threat of CyberattacksEmmanuel .docx
The Real Threat of CyberattacksEmmanuel .docxThe Real Threat of CyberattacksEmmanuel .docx
The Real Threat of CyberattacksEmmanuel .docx
 
PP Lec15n16 Sp2020.pptx
PP Lec15n16 Sp2020.pptxPP Lec15n16 Sp2020.pptx
PP Lec15n16 Sp2020.pptx
 
HR's Critical Role in Protecting Company Data
HR's Critical Role in Protecting Company DataHR's Critical Role in Protecting Company Data
HR's Critical Role in Protecting Company Data
 
Security Breaches and the Six Dumb Ideas Consider a recent (2014- 2015.docx
Security Breaches and the Six Dumb Ideas Consider a recent (2014- 2015.docxSecurity Breaches and the Six Dumb Ideas Consider a recent (2014- 2015.docx
Security Breaches and the Six Dumb Ideas Consider a recent (2014- 2015.docx
 
Beza belayneh information_warfare_brief
Beza belayneh information_warfare_briefBeza belayneh information_warfare_brief
Beza belayneh information_warfare_brief
 
List of data breaches and cyber attacks in january 2022
List of data breaches and cyber attacks in january 2022List of data breaches and cyber attacks in january 2022
List of data breaches and cyber attacks in january 2022
 
State of Internet 1H 2008
State of Internet 1H 2008State of Internet 1H 2008
State of Internet 1H 2008
 
Invincea "The New Threat Vector"
Invincea "The New Threat Vector"Invincea "The New Threat Vector"
Invincea "The New Threat Vector"
 
Newbytes NullHyd
Newbytes NullHydNewbytes NullHyd
Newbytes NullHyd
 
Top 10 Cyber Crimes in the World till now
Top 10 Cyber Crimes in the World till nowTop 10 Cyber Crimes in the World till now
Top 10 Cyber Crimes in the World till now
 
Iranian Hackers Have Hit Hundreds of Companies in Past Two Years
Iranian Hackers Have Hit Hundreds of Companies in Past Two YearsIranian Hackers Have Hit Hundreds of Companies in Past Two Years
Iranian Hackers Have Hit Hundreds of Companies in Past Two Years
 
Computer System Security PPT’s | ESHAN COLLEGE OF ENGINEERING
Computer System Security PPT’s | ESHAN COLLEGE OF ENGINEERINGComputer System Security PPT’s | ESHAN COLLEGE OF ENGINEERING
Computer System Security PPT’s | ESHAN COLLEGE OF ENGINEERING
 
Survey of different Web Application Attacks & Its Preventive Measures
Survey of different Web Application Attacks & Its Preventive MeasuresSurvey of different Web Application Attacks & Its Preventive Measures
Survey of different Web Application Attacks & Its Preventive Measures
 
Cybersecurity presentation
Cybersecurity presentationCybersecurity presentation
Cybersecurity presentation
 
December 8
December 8December 8
December 8
 

Translation article

  • 1. Name :NovitaAjengPrimantari Class of CCIT-UIN Translation NewYorkTimesandTwitterstruggleafterSyrianhack The websites of the New York Times and Twitter are still suffering problems related to a damaging hack carried out on Tuesday. The newspaper and social network were hit after their domain name details were maliciously edited by hackers.The Syrian Electronic Army (SEA), a group supporting Syrian president Bashar al-Assad, says it carried out the attack.It is the most severe attack so far carried out by the group.In recent months, the hackers have targeted major media companies including the Financial Times, Washington Post, CNN and BBC.But in this latest attack, the SEA was able to cause more sustained damage with a technique which also saw news and comment site the Huffington Post hit.The attacked domains were managed by hosting company Melbourne IT, which has said it is looking at "additional layers of security" for protecting domain details. DNS changes The attack focused on editing DNS - Domain Name System - information.The DNS is used to direct web traffic to a specific server containing the website a user wants to visit.In simple terms, it means we can browse the web using easy-to-remember addresses like bbc.com, rather than by IP addresses - a string of numbers separated by dots. Media attacks seem to be escalating and moving away from annoying, simple denial-of- service attacks and toward full domain compromise”
  • 2. The SEA was able to gain access to Melbourne IT's system, where Twitter and the New York Times registered their respective domains.It meant that the hackers could change DNS details so that instead of, for example, "nytimes.com" taking you to the Times' servers, the domain was instead pointed to a website hosted by the SEA. In Twitter's case, the SEA targeted twimg.com - a separate domain that the social network used to store image data, as well as styling code.While Twitter itself remained active, the disruption to twimg.com meant many pages displayed incorrectly.In a statement, Twitter said that no user data had been affected. The SEA used its Twitter account to publicise the attacks on both sites, posting images of its work."Hi @Twitter," the group said in one tweet, "look at your domain, its owned by #SEA :)" 'Through the front door' Melbourne IT blamed the breach on a reseller - a third party that sells domains through the company's system.Melbourne IT said the reseller's log-in credentials had been obtained, and that with them the SEA could enter through the "front door" and carry out the attack."If you've got a valid user name and password," chief executive Theo Hnarakis told ABC (Australia), "the assumption from our systems is that you are the authorized owner and user of that domain name." In a further statement, the company said: "We are currently reviewing our logs to see if we can obtain information on the identity of the party that has used the reseller credentials, and we will share this information with the reseller and any relevant law enforcement bodies."The company advised those wanting to make sure their domains were fully protected to use "additional registry lock features" that they offered. Perseverance
  • 3. During its downtime, the New York Times has been publishing new articles on its Facebook page as well as a mirror site.Meanwhile, Mark Frons, the company's chief information officer, cautioned staff to "be careful when sending email communications until this situation is resolved".Ken Westin, a security researcher for Tripwire, an online security company, told the BBC: "Media attacks seem to be escalating and moving away from annoying, simple denial-of- service attacks and toward full domain compromise which, if successful, puts millions of NYT website users at risk."In January, the New York Times said hackers had accessed its website and stolen the passwords of 53 employees after it published a report on the wealth of then Chinese Premier Wen Jiabao's family.As it did after that NYT disruption, competitor Wall Street Journal took down its paywall on Tuesday and offered its content free to all visitors. Michael Fey, chief technology officer at cybersecurity firm McAfee, said that as long as media organisations played a crucial role in reporting news and influencing debate, they would continue to be targets of cyber-attacks."Regardless of technology or tactics deployed, we should expect to see more of these attacks,'' he said.
  • 4. Perjuangan New York Times dan Twitter setelah hack Suriah Situs-situs New York Times dan Twitter masihmenderitamasalah yang berkaitandengan hack merusak yang dilakukanpadahariSelasa. Suratkabardanjaringansosialterkenasetelahrinciannama domain merekadenganjahatdieditolehhackers.TentaraElektronikSuriah (SEA), sebuahkelompok yang mendukungPresidenSuriah Bashar al - Assad , mengatakanmelakukanpenyerangan. Iniadalahserangan yang paling parahsejauhini yang dilakukanolehkelompok.Padabeberapabulanterakhir, para hacker telahmenargetkanperusahaan- perusahaan media besartermasuk Financial Times, Washington Post, CNN dan BBC.Namun, padapenyeranganterakhir, SEA dapatmenyebabkankerusakanlebihberkelanjutandenganteknik yang jugamelihatberitadansituskomentar Huffington Post.Domain yang diserangdikelolaolehperusahaan hosting IT Melbourne, yang telahdikatakanmerekamelihat "lapisantambahankeamanan" untukmelindungirincian domain. PerubahanDNS Serangandifokuskanpadamengubahinformasi DNS - Domain Name System. DNS digunakanuntuklalulintas web langsungke server tertentu yang berisi website pengguna yang inginberkunjung. Padaistilahsederhana, iniberartikitadapatmenelusuri web menggunakanalamat yang mudahdiingatseperti bbc.com, daripadaalamat IP – sebuahnomor string yang dipisahkanoleh dot.
  • 5. Serangan Media tampaknyameningkatdanmenjengkelkan ,serangandenial - of-service (jenisserangan dengancaramenghabiskansumber yang dimilikiolehkomputertersebut)yang sederhanadanpenuhkompromiterhadap domain. SEA mampumendapatkanakseskesistem IT Melbourne , di mana Twitter dan New York Times mendaftarkanmasing-masing domains. Iniberarti hacker dapatmengubahrincianDNS, misalnya , " nytimes.com " membawaAndake server milik Times , domain itumenunjukkesebuahsitus web yang di-host oleh SEA . DalamkasusTwitter , SEA ditargetkan twimg.com - domain terpisah yang jaringansosialgunakanuntukmenyimpan data gambar, serta styling Twitter code. Sementara, twitter sendiritetapaktif ,gangguanterhadap twimg.com berartibanyakhalaman yang ditampilkantidakbenar. Padasebuahpernyataan, Twitter mengatakanbahwatidakada data penggunatelahterpengaruh. SEA menggunakanakun Twitter untukmempublikasikanserangan di keduasitus, memasukangambardarikerjaanya . "Hi @ Twitter, "kata kelompokitudalamsatutweet , "Lihat domain Anda , inidimilikioleh # SEA :) " "Melaluipintudepan” IT Melbourne menyalahkanpelanggaranpada reseller - pihakketiga yang menjual domain melaluisistemperusahaan. IT Melbourne mengatakan mandate log-in yang dimiliki reseller telahdiperoleh, dandenganmereka SEA dapatmasukmelalui " pintudepan " danmelaksanakanseranganitu. " JikaAndapunyanamapenggunadan password yang valid ," kata ketuaeksekutif Theo Hnarakis ABC (Australia), "asumsidarisistem kami adalahbahwaAndaadalahpemilikresmidanpenggunanama domain . Dalampernyataanlebihlanjut ,perusahaanmengatakan : " Kami sedangmeninjau log kami untukmelihatapakahkitadapatmemperolehinformasitentangidentitaspihak yang telahmenggunakanmandat reseller , dan kami akanmembagiinformasiinidengan reseller dansetiapbagianpenegakanhukum yang relevan. "Perusahaan menyarankanmereka yang
  • 6. inginmemastikan domain merekasepenuhnyadilindungiuntukmenggunakan" tambahanfiturkunciregistri " yang merekatawarkan . Ketekunan Selamapenghentiannya, New York Times telahmenerbitkanartikelbaru di halaman Facebook-nyasamasepertimirror site (situs yang serupa). Sementara, Mark frons, chief information officer perusahaan, memperingatkanstafuntuk" berhati- hatiketikamengirimkankomunikasimelalui email sampaisituasiinidiselesaikan ". Ken Westin, seorangpenelitikeamananuntuk tripwire, sebuahperusahaankeamanan online, mengatakankepada BBC: " serangan Media tampaknyameningkatdanmenjengkelkan, serangandenial - of-service yang sederhanadanpenuhkompromiterhadap domain yang jikaberhasil , menempatkanjutaanpenggunasitus NYT beresiko”. PadabulanJanuari, New York Times mengatakan hacker telahmengaksessitus web danmencuri password dari 53 karyawansetelahmenerbitkanlaporantentangkekayaankeluarga Premier China Wen Jiabao. SetelahgangguanNYT ,pesaing Wall Street Journal menurunkanpaywallpadaSelasadanmenawarkankonten gratis untuksemuapengunjung . Michael Fey ,kepalakantorteknologi di perusahaancybersecurity McAfee , mengatakanbahwaselamaorganisasi media memainkanperanpentingdalammelaporkanberitadanmempengaruhiperdebatan , merekaakanterusmenjadisasaranserangan cyber . "Terlepasdariteknologiatautaktikdikerahkan ,kitaharusberharapuntukmelihatlebihbanyakseranganini , '' katanya