|Major US Newspapers Allege Chinese Hack Attack|
|By LEE FERRAN (@leeferran)||Jan 31, 2013, 10:03 AM|
The New York Times and The Wall Street Journal have reported that their computer systems have been the infiltrated by hackers in China.
In a report published Wednesday, the Times said hackers managed to steal passwords and gain access to the personal computers of 53 employees, including those belonging to its Shanghai bureau chief, before a private cyber security firm helped oust the infiltrators.
Less than a day later, the Wall Street Journal reported that it too had been targeted by Chinese hackers "for the apparent purpose of monitoring the newspaper's China coverage."
In the case of the Times, the news outlet said the hacking campaign coincided with the paper's investigation into the relatives of Chinese Prime Minister Wen Jiabao, who have accumulated multi-billion-dollar fortunes through business deals. However, Jill Abramson, executive editor of the Times, said that no sensitive emails or documents related to that reporting effort "were accessed, downloaded or copied." Much of the reporting on those stories, the Times said, was based on public documents.
Mandiant, the cyber computer firm hired to help counter the hacking campaign at the Times, said the attack was reminiscent of previous attacks attributed to Chinese hackers in three ways, according to the Times: The attacks were routed through American universities in an attempt to hide their origin, the malicious software used in the attack was a "specific strain associated with computer attacks originating from China," and the attacks started from the same Chinese university computers as had been allegedly used in the past by the Chinese military to launch attacks. A spokesperson for Mandiant confirmed the company's role in the saga, as reported by The Times, to ABC News.
Daily movement from the attackers would begin at 8 a.m. Beijing time, the Times said, and would generally last until the end of the business day, though sometimes it continued until midnight.
The Chinese National Defense Ministry reportedly told the Times that such attacks are prohibited by Chinese law and that "to accuse the Chinese military of launching cyber attacks without solid proof is unprofessional and baseless."
The Times reported that Mandian was unsure of exactly how the hackers infiltrated the Times' system, but said it was likely done though what's known as spearphishing, a common tactic that involves tricking someone on the inside into opening an email link or attachment which would then automatically install malicious software on the target network.
U.S. officials have previously accused China of undertaking a widespread espionage campaign that has targeted a range of American entities from educational institutions to defense contractors and the Pentagon.
In referring to China in October 2011, House Intelligence Committee Chairman Rep. Mike Rogers (R-Mich.) said in an open committee meeting that he didn't believe "that there is a precedent in history for such a massive and sustained intelligence effort by a government agency to blatantly steal commercial data and intellectual property."
Rogers said that cyber intrusions into American and other Western corporations by hackers working on behalf of Beijing -- allegedly including attacks on corporate giants like Google and Lockheed Martin -- amounted to "brazen and widespread theft."
In August 2011, a documentary broadcast on Chinese state-run television showed what appeared to be a cyber attack in progress aimed at an computer network based at an Alabama university.
But in the case of The New York Times attack, the paper said it appeared the hackers didn't seem interested in stealing anything beyond learning the identities of any sources for the Times' Jiabao investigation.
"They could have wreaked havoc on our systems," Marc Frons, the Times' chief information officer, said in the paper's report. "But that was not what they were after."
Officials at the Chinese Embassy in Washington, D.C. and Foreign Ministry did not answer phone calls or immediately respond to an emailed request for comment on this report.