December 19, 2013
A Third Hack In Three Years For The Washington Post News Group
Peter Suciu for redOrbit.com - Your Universe Online
The Washington Post announced that hackers had once again breached its network. This is at least the third intrusion into the newspaper’s network in the past three years, company officials said on Wednesday. In this latest cyber-attack the hackers were able to hack into the company’s servers and gain access to employee user names and passwords.“This is an ongoing investigation, but we believe it was a few days at most,” said Post spokeswoman Kris Coratti.
The actual extent of the damage is unknown but the company has planned to ask all employees to change their usernames and passwords on the assumption that many or even all of them may have been compromised in this most recent attack, said the Post.
However, the paper added that there is no evidence at this time that subscriber information, which could include home addresses and credit card numbers were accessed by hackers. Moreover, there were no signs that the hackers had gained any access to the newspaper’s publishing system, email or any personal information about employees, notably Social Security numbers.
The Washington Post was targeted in late 2011 as part of an alleged sweeping attack that also included The New York Times, the Associated Press, The Wall Street Journal and Bloomberg.
This past January The New York Times also reported that it had been targeted by Chinese hackers over a four-month period, following a story the paper ran on the business dealings of the relatives of China’s Prime Minister. Security researchers from Mandiant, which is the same firm that the Post relies on to monitor its networks, said at the time that hackers used methods similar to those employed by the Chinese military in past cyber-attacks.
However, China has shot back that it doesn’t utilize any cyber warfare tactics.
In February of this year China denied that it was involved in any hacking of US media outlets’ computer networks, and further alleged that the United States is responsible for cyber-attacks in China.
Security firm Mandiant however released a report in March, which detailed a rash of cyber-attacks that were made against companies in the United States and other English-speaking countries. These attacks were all believed to have been launched from a specific branch of the People’s Liberation Army (PLA) dubbed “Unit 61398,” which is located in a 12-story building on the edge of Shanghai.
China has also apparently not been alone in employing cyber warfare. In August of this year The Washington Post announced that it had been attacked by a hacker collective that supports Syrian President Bashar al-Assad. This so-called Syrian Electronic Army was reportedly responsible for cyber-attacks against various media companies, and unlike the Chinese hackers, the SEA actually claimed responsibility for its hacking efforts via a tweet.
“The Syrian Electronic Army, allegedly, subjected Post newsroom employees to a sophisticated phishing attack to gain password information,” said Washington Post Managing Editor Emilio Garcia-Ruiz in a statement posted on the paper’s editorial blog in August. “The attack resulted in one staff writer’s personal Twitter account being used to send out a Syrian Electronic Army message. For 30 minutes this morning, some articles on our web site were redirected to the Syrian Electronic Army’s site.”