More than 30 journalists and executives at western news organizations in China, including the New York Times, have had their computers hacked, according to Mandiant, a security firm that monitors such attacks.
Over the last four months, the hackers managed to infiltrate the Times’ computers, the newspaper reported Thursday. In a lengthy piece, the newspaper said the hackers had penetrated its computers and obtained passwords for reporters and other employees. The hackers have been blocked and security tightened to prevent another attack, which followed an investigation by the paper into finances of relatives of Wen Jiabao, China’s premier.
Mandiant, which was brought into the case by the Times, said it found that hackers using techniques associated with the Chinese military stole emails, contacts and files from 30 journalists and executives and maintained a short list of journalists whose accounts have been repeatedly attacked. That finding, first reported in the New York Times, was part of a December report that was expected to be made public soon, a Mandiant spokeswoman said Thursday.
It is not unusual for those who are upset with a newspaper’s reporting to strike out with boycotts and worse, as seen recently in suburban New York, where there were protests against a Gannett newspaper that published a database of gun owners. Nor is it unusual for journalists in tough assignments abroad to find themselves watched, harassed and, even worse, physically attacked.
But modern computer technology, especially when backed by the resources of a government, has escalated the ability to strike back at media outlets — just as it has changed the playing field for espionage and warfare.
According to the Times’ account, hackers stole “corporate passwords for every Times employee and used those to gain access to the personal computers of 53 employees, most of them outside the Times’ newsroom. Experts found no evidence that the intruders used the passwords to seek information that was not related to the reporting on the Wen family. No customer data was stolen from the Times, security experts said.”
Among the targets were the email accounts of Shanghai bureau chief David Barboza, who wrote the critical reports on Wen’s relatives, and Jim Yardley, the Times’ South Asia bureau chief in India, who previously worked as bureau chief in Beijing, the newspaper said.
The hackers routed their attacks through computers at U.S. universities, according to the New York Times. Hackers installed malicious software that allowed them to enter the newspaper’s computers. The software, known as malware, was “identified by computer security experts as a specific strain associated with computer attacks originating in China,” the newspaper said.
Chinese officials denied they were responsible.
“Chinese laws prohibit any action including hacking that damages Internet security,” China’s Ministry of National Defense told the New York Times. It added: “To accuse the Chinese military of launching cyber attacks without solid proof is unprofessional and baseless.”
Eileen M. Murphy, the Times’ vice president for corporate communications, said Thursday the newspaper stood by the story.
It was not known which other media outlets were cyber-spying targets, but the Wall Street Journal said that it too had been targeted by Chinese hackers.
Paula Keve, chief spokeswoman for the Journal’s parent company, Dow Jones & Co., said in a written statement: “Evidence shows that infiltration efforts target the monitoring of the Journal’s coverage of China, and are not an attempt to gain commercial advantage or to misappropriate customer information.”
Bloomberg News was believed to have been targeted as well -- after it published an article June 29 about the wealth of relatives of Xi Jinping, the current general secretary of the Communist Party and the person expected to become president in March. No computer breach took place.
“Our security was not compromised,” Ty Trippet, a spokesman for Bloomberg, said by telephone Thursday.
Cyber attacks on media outlets are a subset of the attacks on all companies as a form of industrial espionage and on government institutions as an extension of foreign military and diplomatic policies. The United States, Israel and Iran are among those countries suspected of using cyber weapons.
The U.S. Cyber Command is based in Ft. Meade, Md., and is among the agencies charged with defending U.S. interest in cyberspace. U.S. officials have dropped hints at recent conferences about their efforts and increases in funding, but have not officially acknowledged any operations.
However, the United States and Israel are widely believed to have attacked Iran’s computers at a nuclear enrichment facility by using a computer worm, known as Stuxnet. The attack became public when the worm escaped Iran’s computers in 2010.
New Aspen speed limit -- 14 miles an hour?
Jury convicts priest, teacher in Philadelphia sex-abuse scandal
White House, politicians react to Hadiya Pendleton shooting death