The New York Times claims that it suffered a major hacking operation, and was infiltrated by what appears to be Chinese hackers over the last four months, according to a report published by the Times on Wednesday, January 30th. The hackers were apparently retaliating against the international news organization for its critical story of new Chinese prime minister Wen Jiabao’s wealth, and gained access to the passwords of every Times employee. Especially targeted were the journalists who wrote the story on Wen and his family.
The Times reports that the attacks were consistent with those associated with the Chinese military, and were specifically targeting the e-mail accounts of Shanghai Bureau Chief David Barboza and South Asia Bureau Chief Jim Yardley. The first attacks began on September 13, when the Wen story was nearly complete. The attacks were used to gain access to the computers of 53 employees, according to the Times‘ report.
The hackers also gained enough access to the Times‘ network that Chief Information Officer Marc Frons said they could have drastically affected the news service.
The security firm which the Times hired, Mandiant, tracked the hackers — who hid their tracks through various U.S. universities — for a period of time before locking them out of the system. The most likely attack was an e-mail “spear phishing” operation, where e-mails infected with malware target a specific organization for access to a given network. The hackers built a program to filter through the Times‘ mailserver for any documents relevant to Barboza and Yardley after they gained access to the Times‘ password database. The hackers appeared, the Times reports, to have been looking for the names of anyone who contributed to the Wen story. Reporting outside the Wen family story was allegedly ignored.
According to experts at Mandiant and Times Executive Editor Jill Abramson, though, there wasn’t any “evidence that sensitive e-mails or files from the reporting of our articles about the Wen family were accessed, downloaded or copied.”
It’s reported the hackers have tried to regain access to the network, but have so far been rebuffed. But Wired reports that the attack was only the latest in a long string of attacks by Chinese hackers against western media outlets, which began in 2008.