Syrian attack on DNS, NYT, Twitter

“Syrian Electronic Army’s Alleged Attack Hit Soft Spot,” Wall Street Journal, August 29, 2013 B3.  Attack on Australian domain registrar leads to denial of service at New York Times, Twitter, Huffington Post and other sites. Syrian Electronic Army claims responsibility.

There was an optional feature that would have prevented this, but NYT and Twitter didn’t use it.  Now they do.

Focus on IT security is often at the server level.  Prevent physical access by outsiders, and limit system access to approved people.  Snowden was a failure in limiting system access and downloading.  But what was the process in place for deciding whether to activate the registry-change lock ?  Did people quantify the risks?  Who was involved in the decision?

Where else do third parties control potential links?  Are you using the cloud?

Leave a comment

Filed under Business Continuity, Risk, Security

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s