On Jan. 30, The New York Times released a report claiming it had been the target of a cyber attack by the Chinese for the past four months.
The hacking coincided with an online story The Times published last October, which scrutinized the large fortune the family of Chinese Prime Minister, Wen Jiabao. Through several business deals, Jiabao’s family had amassed a fortune of several billion dollars.
According to an NPR interview with Wired’s cybercrime desk senior reporter Kim Zetter, when Times reporters contacted Chinese officials for reaction to this story prior to publication, they “heard that officials were saying there were be consequences (to running the story).” This prompted the Times to alert AT&T to be on the lookout for any suspicious activity.
The Times’ investigation into the cyber attack revealed the hackers gained access to employees’ corporate passwords and then used those passwords to infiltrate 53 personal computers of Times reporters, the majority of whom worked outside the Times’ newsroom.
The report claims this most recent attack is reminiscent of past Chinese cyber attacks in three ways: The malware initially used to hack the Times’ system was a specific strain associated with computer attacks originating in China; the hackers routed their attacks through American universities to disguise their tracks; and the attacks originated from the same university in China from which past computer attacks were launched by the Chinese military against U.S. military contractors.
In the Times report, Mandiant—the cyber security company hired by the Times to counter the computer attacks—stated “over the course of several investigations it found evidence that Chinese hackers had stolen e-mails, contacts and files from more than 30 journalists and executives at Western news organizations, and had maintained a ‘short list’ of journalists whose accounts they repeatedly attack.”
Mandiant’s chief security officer Richard Bejtlich said the attacks were “part of this overall story that the Chinese want to know what the West thinks of them. What slant is the media going to take on them? Who are their sources?”
After the Times released its report of the attacks, The Wall Street Journal reported on Feb. 1 it, too, had been a target for Chinese hackers “apparently to spy on reporters covering China and other issues.”
To counter the cyberspying allegations, Chinese Embassy spokesman Geng Shuang said “it is irresponsible to make such an allegation without solid proof and evidence. The Chinese government prohibits cyberattacks and has done what it can to combat such activities in accordance with Chinese laws.”
Shuang went on to say China has been a victim of similar cyber attacks, but did not say where these attacks originated or who was behind them.