Chinese Hackers Target New York Times In Four-Month Cyberattack

The cyberattacks date back to when the newspaper published an expose detailing the wealth accumulated by the previous Chinese Premier, Wen Jibao.

Security experts have finally blocked a four-month long, sustained cyberwar on the New York Times by Chinese hackers. The attacks, which kept obtaining reporters' and other employees' passwords to its computer system, were firstly routed through U.S. university computer systems in order to throw cybersecurity investigators off the trail. Two of the Times' Asia-based correspondents, Shanghai bureau chief David Barboza, and his South Asia equivalent, Jim Yardley, a former Beijing bureau chief, had their email accounts infiltrated.

The newspaper has been a target ever since the New York Times published details of the network of wealth held by former premier Wen Jibao's family, in October 2012. It is not thought to be a revenge attack, but instead part of a large spy campaign that values controlling China's public image equally with getting its hands on state and trade secrets. The hacks bear all the hallmarks of state-sponsored attacks, sharing elements of Chinese military hacking: Both the malware was of a specific type peculiar to the People's Liberation Army; and the university computers used had been implicated in other military-sponsored cyberattacks on U.S. targets. It is, however, a truth universally acknowledged that the attacks cannot be pinned to the Chinese military, but instead emanate from either criminals, or uber-patriotic hackers, maybe financed by the PLA, maybe not.

The biggest casualty of this attack, however, may not be the New York Times, but computer security firm Symantec. Mandiant, the computer security firm hired by the Times to get to the bottom of the cyberassault, discovered that the Symantec anti-virus software identified just one of 45 items of malware installed by the hackers as malicious, before quarantining it. Symantec did not comment on the discovery to the New York Times, saying that it was company policy not to discuss its clients.

[Image by Flickr user tomasdev]

Add New Comment

1 Comments

  • Symantec

    As
    a follow-up to the announcement by the New York Times that they were hacked,
    Symantec has developed the following statement: Advanced attacks like the
    ones the New York Times described in the following article, (http://nyti.ms/TZtr5z),
    underscore how important it is for companies, countries and consumers to make
    sure they are using the full capability of security solutions. The
    advanced capabilities in our endpoint offerings, including our unique
    reputation-based technology and behavior-based blocking, specifically target
    sophisticated attacks. Turning on only the signature-based anti-virus
    components of endpoint solutions alone are not enough in a world that is
    changing daily from attacks and threats. We encourage customers to be very
    aggressive in deploying solutions that offer a combined approach to security.
    Anti-virus software alone is not enough.