Recently, Syrian Electronic Army made headlines yet again when it targeted the U.S. marines site and redirected its visitors to a web page of its own. It has now transpired that Pentagon was in the process of improving the security of its domains when this took place.
In recent past, Syrian Electronic Army has successfully hacked a number of publications. In most of these attacks, the popularly used tactic has either been distributed Denial-of-service (DDoS) attacks or the manipulation of DNS of the said site.
DNS details are available with the domain registrar of any given site. And if a hacker is able to gain access to the servers of this domain registrar, he can then successfully re-route the site to another web page. According to the reports so far, this is precisely what SEA hackers did to U.S. Marines site.
SEA redirected the site to a page which urged U.S. marines not to attack Syria and defy any such orders which they are given. Just before this attack took place, Pentagon was in the process of improving the security of its domains. On Aug 22, Pentagon sent a notice to its contractors.
The notice read, “Potential risks to the Department of Defense DNS infrastructure such as hackers, phishing scams or distributed denial of service attacks meant to covertly extract data require [Defense] to develop plans to improve monitoring and management of the DoD DNS, and protect it from any external vulnerabilities.” Before such improvements could be enacted, though, SEA struck the U.S. Marines site.