January 31, 2013
Did Chinese Hackers Infiltrate New York Times Computer System?
Michael Harper for redOrbit.com — Your Universe Online
Late last October, the New York Times ran a story on the business dealings of the relatives of China´s Prime Minister. This investigation found that Wen Jaibo´s brother, daughter, son and even mother-in-law have acquired a total of at $2.7 billion between them, thanks to some “aggressive deal making.”Today, the Times is reporting that immediately after they published this story, Chinese hackers began launching an attack against the news organization, breaking into their computer systems and stealing employee passwords.
Hiring a team of experts from the security company Mandiant, the Times was able to find and track the movements of these hackers in order to better protect themselves. According to the news organization, they´ve since been able to build better defenses around their network to keep the attackers at bay.
According to Mandiant, these hackers used methods similar to those used by the Chinese military to break into the Times´ network. Once inside, they gained access to the email accounts of Shanghai bureau chief David Barboza and South Asia bureau chief in India Tim Yardley. Barboza is directly responsible for writing the investigative report on Jaibo´s family.
“Computer security experts found no evidence that sensitive e-mails or files from the reporting of our articles about the Wen family were accessed, downloaded or copied,” said Times executive Editor Jill Abramson in the story.
To gain entrance into the Times´ computers, the Chinese hackers first broke into computers at an unnamed University in the US, rerouting their moves through them. Next, they installed malware which enabled them to break into any computer on the Times´ network.
According to Mandiant, this strain of malware has been used in Chinese attacks in the past.
The attackers then stole the corporate password for every Times employee and used these credentials to gain access to 53 computers, the majority of which were located outside of the Times newsroom. Mandiant found that these hackers were only after information related to the Jaibo story, and did not access any other personal or sensitive data.
Though these attacks closely resembled other attacks originating from the Chinese military, the nation´s Ministry of National Defense was none too pleased when asked if they had a hand in the ordeal.
“Chinese laws prohibit any action including hacking that damages Internet security,” said a spokesperson for China´s Ministry of National Defense, speaking to the New York Times.
Spokesperson Hong Lei gave another statement to the BBC, calling these accusations “groundless.”
"To arbitrarily assert and to conclude without hard evidence that China participated in such hacking attacks is totally irresponsible,” said Lei.
"China is also a victim of hacking attacks. Chinese laws clearly forbid hacking attacks, and we hope relevant parties takes a responsible attitude on this issue."
The Times piece also mentions a similar attack last year against another large, western news organization. Shortly after Bloomberg published a story last June about the wealth of Xi Jinping´s family, (then China´s vice president) they, too, were attacked by Chinese hackers. According to Ty Trippet, spokesperson for Bloomberg, “no computer systems or computers were compromised.”
The Times also notes that no customer data or information were compromised as a result of this attack.