Chinese hackers break into NYT, WSJ networks

Chinese hackers allegedly broke into the New York Times network and made off with the passwords of every employee. This was revealed in a report published by the Times this week. On Thursday, the Wall Street Journal came forward and announced that it had also been hacked. The latter is currently working with authorities and security specialists to clean up its systems.

In the Times' case, investigators still do not know how the hackers were able to break in, though spear phishing is suspected. At the heart of this attack was a story critical of the relatives of Chinese prime minister Wen Jiabao, and the attackers apparently focused on getting into the email accounts of Times Shanghai Bureau Chief David Barboza and South Asia Bureau Chief Jim Yardley.

According to security experts from Mandiant who were brought in to deal with the breach, the hackers' method, which routed attacks through compromised computers in United States universities, was consistent with tactics employed in other attacks that were eventually traced back to China. They also say that no customer data was stolen.

The hackers installed over 45 different pieces of custom malware code over a period of three months. Only in one instance did the Symantec antivirus products used by the Times identify an attacker's software as malicious and quarantine it.

"Attackers no longer go after our firewall. They go after individuals. They send a malicious piece of code to your email account and you're opening it and letting them in," says Michael Higgins, chief security officer at the Times.
