The New York Times reported Wednesday night that over the past four months, hackers — possibly connected to the Chinese military — have been infiltrating the paper’s computer system. The Times hired cyber-security firm Mandiant, who traced the attacks to to university computers that the “Chinese military had used to attack United States Military contractors in the past.”
According to the Times, the attacks were likely in response to stories published last year by the paper’s Shangai bureau chief David Barboza, which reported the vast personal wealth of Chinese PM Wen Jiabao. Following the publication of these stories the Times site was blocked in China and its reporters there suddenly faced visa problems.
The hackers reportedly gained access to the password of every Times staffer, but only targeted the computers of 53 employees, focusing on those believed to be involved in the Wen investigation.The hacks were carried out through the common but basic tactic of spearphishing — when malware is installed on a computer by sending an email message which the computer user mistakenly opens. As Salon noted earlier this month, spearphishing makes up 91 percent of targeted attacks and, according to experts, could easily be used against critical U.S. infrastructure like watersheds, power grids, oil refineries and nuclear plants.
Analysis by Mondiant concluded that hackers initially broke into Times computers when reporting for the Wen story was in its final stages. The cyber-security company was able to repel the infiltration by blocking off compromised outside computers, removing back doors to its network, changing employee passwords and adding extra security measures. “Computer security experts found no evidence that sensitive e-mails or files from the reporting of our articles about the Wen family were accessed, downloaded or copied,” said Times executive editor Jill Abramson.
The Times is not the first U.S. publication to be targeted in Chinese hacks. Bloomberg was similarly infiltrated after investigating the wealth of Chinese president president Xi Jingping and the AP also said that it was “among the targets of attacks intended to uncover the identities of sources for news stories and to stifle critical reports about the Chinese government.”
Although, according to the AP, the Chinese foreign and defense ministries called the Times’ allegations “baseless, and the Defense Ministry denied any involvement by the military,” the AP also noted Thursday that “China has been accused by the U.S., other foreign governments and computer security experts of mounting a widespread, aggressive cyber-spying campaign for several years, trying to steal classified information and corporate secrets and to intimidate critics.”