FT is latest media group attacked by Syrian hackers

The Financial Times has confirmed that its website and several Twitter accounts were hacked by the Syrian Electronic Army (SEA).

The hacker group managed to publish 12 blog posts on the FT's Tech Blog in four minutes on Friday 17 May, and also sent tweets through the FT's Twitter feeds – saying “The Syrian Electronic Army was here” – to thousands of followers.

The FT said the accounts were hijacked following a phishing attack targeting company email accounts.

Twitter recently advised media companies to be on the lookout for attacks, according to Ars Technica.

The SEA's continuing success suggests media outlets still have a way to go in protecting themselves from phishing, one of the older methods of attack, the report said.

The FT is the latest in a series of attacks attributed to the group on Western media organisations, which have included the Guardian and the BBC.

The SEA, believed to be a front for the al-Assad government, previously targeted al Jazeera, France 24 TV, US National Public Radio and the Associated Press news agency.

Shortly after the Associated Press attack, it emerged that Twitter was testing a two-factor authentication system internally that is aimed at making it more difficult for hackers to take over users’ accounts.

The planned security system requires users to enter a one-time password (OTP) sent to their mobile phones whenever they log in from a computer or device they do not normally use.