Last month they managed to post rogue messages on the official Microsoft and Office blog sites after first gaining access to the email accounts of some of the company's employees.
SEA normally hijacks domain names in order to deface the websites they target and display pro-Syria messages to their visitors, as group publicly supports Syrian President Bashar al-Assad and his government. However, this kind of attack can also be used for more nefarious purposes. Instead of political messages, attackers could display a phishing page to steal user credentials or serve exploits to infect computers with malware.
Security experts repeatedly advised companies to protect their domain names by putting registry locks in place for them. VeriSign offers this service for domain names in the .com, .net, .tv, .cc and .name TLD zones.
Sign up for CIO Asia eNewsletters.