Thursday, January 31, 2013

Hackers in China attacked New York Times for last 4 months

http://www.nbcnews.com/id/50647506/ns/technology_and_science-the_new_york_times/

By NICOLE PERLROTH, New York Times
updated 1/31/2013 8:36:00 AM ET

For the last four months, Chinese hackers have persistently attacked The New York Times, infiltrating its computer systems and getting passwords for its reporters and other employees.

After surreptitiously tracking the intruders to study their movements and help erect better defenses to block them, The Times and computer security experts have expelled the attackers and kept them from breaking back in.

The timing of the attacks coincided with the reporting for a Times investigation, published online on Oct. 25, that found that the relatives of Wen Jiabao, China’s prime minister, had accumulated a fortune worth several billion dollars through business dealings.

Security experts hired by The Times to detect and block the computer attacks gathered digital evidence that Chinese hackers, using methods that some consultants have associated with the Chinese military in the past, breached The Times’s network. They broke into the e-mail accounts of its Shanghai bureau chief, David Barboza, who wrote the reports on Mr. Wen’s relatives, and Jim Yardley, The Times’s South Asia bureau chief in India, who previously worked as bureau chief in Beijing.

“Computer security experts found no evidence that sensitive e-mails or files from the reporting of our articles about the Wen family were accessed, downloaded or copied,” said Jill Abramson, executive editor of The Times.

-----

The attacks appear to be part of a broader computer espionage campaign against American news media companies that have reported on Chinese leaders and corporations.

Last year, Bloomberg News was targeted by Chinese hackers, and some employees’ computers were infected, according to a person with knowledge of the company’s internal investigation, after Bloomberg published an article on June 29 about the wealth accumulated by relatives of Xi Jinping, China’s vice president at the time. Mr. Xi became general secretary of the Communist Party in November and is expected to become president in March. Ty Trippet, a spokesman for Bloomberg, confirmed that hackers had made attempts but said that “no computer systems or computers were compromised.”

-----

While computer security experts say China is most active and persistent, it is not alone in using computer attacks for a variety of national purposes, including corporate espionage. The United States, Israel, Russia and Iran, among others, are suspected of developing and deploying cyberweapons.

-----

After The Times learned of warnings from Chinese government officials that its investigation of the wealth of Mr. Wen’s relatives would “have consequences,” executives on Oct. 24 asked AT&T, which monitors The Times’s computer network, to watch for unusual activity.

-----

Investigators still do not know how hackers initially broke into The Times’s systems. They suspect the hackers used a so-called spear-phishing attack, in which they send e-mails to employees that contain malicious links or attachments. All it takes is one click on the e-mail by an employee for hackers to install “remote access tools” — or RATs. Those tools can siphon off oceans of data — passwords, keystrokes, screen images, documents and, in some cases, recordings from computers’ microphones and Web cameras — and send the information back to the attackers’ Web servers.

Michael Higgins, chief security officer at The Times, said: “Attackers no longer go after our firewall. They go after individuals. They send a malicious piece of code to your e-mail account and you’re opening it and letting them in.”

-----

No comments:

Post a Comment