The cable news network confirmed on Thursday that its primary Facebook account, Twitter feeds and some blogs (including, ironically, CNN's Security Clearance blog) were targeted, with the hackers subsequently posting content on these platforms.
This content, which included unauthorised tweets on the Twitter pages for, has since been deleted. One message from the SEA said that it targeted CNN due to its “viciously lying reporting aimed at the prolonging the suffering in Syria.”
The Syrian Electronic Army, a group that supports the Syrian regime of Bashar al-Assad, has successfully targeted hacktivism group Anonymous, Al-Jazeera, the BBC, the Daily Telegraph, the Financial Times, the Guardian, the Human Rights Watch and the National Public Radio in recent times, and just last week managed to hack into Microsoft's social media accounts for the second time.
OneLogin CEO Thomas Pedersen told SCMagazineUK.com that this is the latest reminder that organisations need to properly employ password policies and perhaps even cloud-based identity and access management (IAM) solutions.
“We have already seen several attacks on social media accounts this year - first Microsoft, and now CNN. These are high profile organisations, which is why they have been targeted," he said.
“This is another reminder that organisations should think about their access control and password policies, otherwise there is the potential for attacks to be successful. Companies have to manage access to their marketing applications, whether these are internal or external services."