The New York Times has announced that over the last few months, they have been the target of repeated attacks from Chinese hackers. Many of the methods used by the hackers that targeted The New York Times have, in the past, been linked to the Chinese military.
The publication has said that the attacks coincided with the timing of an investigative article that was published on October 24th 2012 which revealed that Wen Jiabao, China’s Prime Minister, had a huge family fortune.
According to TechCrunch, The New York Times hired computer security company Mandiant in a bid to combat the attacks. Mandiant said that they managed to expel the hackers after covertly tracking their maneuvers.
The hackers had tried to hide the source of the attack by routing through computers at several universities in the U.S. and Mandiant said that this method had being used in numerous other attacks that traced back to China.
The malware that the hackers installed was a specific strain connected with other hack attacks from China and the university computers that the New York Times attacks were routed through are the same as those used by the Chinese military to target U.S. military contractors in the past.
During the time that The New York Times was targeted, the hackers managed to install 45 pieces of custom malware and only one of these was identified and quarantined by Symantec, the antivirus product used by media outlet. Symantec would not comment on the attacks, stating that they were unable to discuss specific clients.
The hackers managed to access the email account of Times’ Shanghai bureau chief, David Barboza who was responsible for writing the article about the Chinese PM. They also managed to get into the email of former Beijing bureau chief Jim Yardley.
As well as this, they managed to steal the corporate passwords of every newspaper employee and gain access to their personal computers, most of which were located outside of the newsroom!
This series of hacks is not the only problems that the New York Times has encountered after publishing the article about the Chinese PM. After it was released, both the Chinese and English-language websites of the publication were blocked in China and this month reporter Christopher Buckley was forced to leave China after having his visa application denied. China’s foreign ministry stated that Buckley’s visa was actually just filed incorrectly, but others speculated that the action was directly link to Jiabao article.
In their story about the hacking incidents, The New York Times said that the attacks upon them and other similar organizations suggested that there was a concerted effort to control China’s image by spying on different groups.
The article states:
“The mounting number of attacks that have been traced back to China suggest that hackers there are behind a far-reaching spying campaign aimed at an expanding set of targets including corporations, government agencies, activist groups and media organizations inside the United States. The intelligence-gathering campaign, foreign policy experts and computer security researchers say, is as much about trying to control China’s public image, domestically and abroad, as it is about stealing trade secrets.”
Bloomberg News has also been a target of Chinese hackers after running an article in 2012 about the family wealth of Xi Jinping (China’s VP at the time of the article). Security firm Mandiant has claimed that they believe Chinese hackers have been targeting Western journalists since 2008 in a bid to identify sources and contacts for articles that could smear the reputations of China’s leaders.
The White House has also been a target of this type of attack, claiming that last October hackers linked to the Chinese government managed to access a system used by the White House Military Office for nuclear commands. However the seriousness of this attack was downplayed by the U.S. government.