The New York Times has just made public that they were the victims of a long, elaborate hacking attack from China. The attacks started four months ago and are said to have been initiated in retaliation for an article the Times published about the immense fortune that has been accumulated by Chinese Prime Minister Wen Jiabao’s family.
The Chinese hackers first gained access to the New York Times’s network on September 13th of last year. The breach, however, remained unnoticed until the 26th of October. The Times first became suspicious after receiving warnings from the government of China stating that if their investigation continued, they would “have consequences.”
The paper realized that they had been hacked on November 7th, at which point they hired an outside computer security company, Mandiant, to investigate further.
It is believed that the hackers gained access via spear-phishing attacks. Spear-phishing attacks are emails sent to employees with attachments or links that contain malware. This gave the Chinese government access to users’ passwords and keystrokes.
Once access was gained, the hackers targeted the email accounts of David Barboza, the writer who wrote the article about the Wen family, and of Jim Yardley, who is the New York Times’s South Asia bureau chief.
The hackers then used custom-made software that allowed them to download the reporters’ emails and sensitive documents straight from the Times’s server. It’s said that they were looking for Barboza’s source, a source that the NY Times claims doesn’t exist because the article in question was based on public records.
“Computer security experts found no evidence that sensitive e-mails or files from the reporting of our articles about the Wen family were accessed, downloaded or copied,” said Jill Abramson, the executive editor of The NY Times.
“If you look at each attack in isolation, you can’t say, ‘This is the Chinese military,’” said Richard Bejtlich, Mandiant’s chief security officer. “When you see the same group steal data on Chinese dissidents and Tibetan activists, then attack an aerospace company, it starts to push you in the right direction.”
Of course, China’s Ministry of National Defense denies the attacks, saying, “Chinese laws prohibit any action including hacking that damages Internet security,” and adding, “to accuse the Chinese military of launching cyber attacks without solid proof is unprofessional and baseless.”
Paul Hudson | Elite.