Digital rogues: Chinese hack attack on Wall Street Journal, NYT

New York: Chinese hackers, possibly military-trained, infiltrated the networks of The Wall Street Journal. The infiltration at the Journal, along with reports of computer network breaches at The New York Times, indicate that Chinese spying on US media has become rife. For countries like India and the US, China increasingly represents the most threatening actor in cyberspace. In July last year, Chinese hackers penetrated India’s naval computer systems in and around the city of Visakhapatnam, the headquarters of the Eastern Naval Command, and planted a bug which sent sensitive military data to IP addresses in China. Chinese hackers have now begun to target Western journalists as part of an effort to identify and intimidate their sources and contacts, and to anticipate stories that might damage the reputations of Chinese leaders. [caption id=“attachment_609439” align=“alignleft” width=“380”] Chinese hackers present a clear and present danger. Representational image. Reuters[/caption] “Evidence shows that infiltration efforts target the monitoring of the Journal’s coverage of China, and are not an attempt to gain commercial advantage or to misappropriate customer information,” Paula Keve, chief spokeswoman for the Journal’s parent company, Dow Jones & Co., said in a statement on Thursday. Keve said the Journal on Thursday completed a network overhaul to bolster security, taking extensive measures to protect journalists and sources. “We fully intend to continue the aggressive and independent journalism for which we are known,” she said. One of the ways the hackers penetrated the Journal’s computer system was through its Beijing bureau to monitor the paper’s China coverage. The New York Times on Thursday published a report saying for the last four months, Chinese hackers have persistently attacked the paper, infiltrating its computer systems and getting passwords for its reporters. The paper said it believed it had expelled the hackers from its system. “After surreptitiously tracking the intruders to study their movements and help erect better defenses to block them, The Times and computer security experts have expelled the attackers and kept them from breaking back in,” said the paper. The timing of the attacks coincided with a scathing investigation into the riches of folksy Chinese premier Wen Jiabao. A Times expose published on October 25, found that the relatives of Wen Jiabao, had accumulated a fortune worth several billion dollars through business dealings over the course of Wen’s rise to power. Computer security experts at Mandiant, the company hired by the Times to detect and block the computer attacks gathered digital evidence that Chinese hackers, using methods associated with the Chinese military in the past, breached paper’s network. They broke into the e-mail accounts of its Shanghai bureau chief, David Barboza, who wrote the reports on Wen’s relatives, and Jim Yardley, the Times’ South Asia bureau chief in India, who previously worked as bureau chief in Beijing. The spear-phishing attack The digital rogues tried to cloak the source of the attacks on the Times by first penetrating computers at US universities and routing the attacks through them, said Mandiant. This matches the subterfuge used in many other attacks that Mandiant has tracked to China. “Investigators still do not know how hackers initially broke into _The Times’_s systems. They suspect the hackers used a so-called spear-phishing attack, in which they send e-mails to employees that contain malicious links or attachments. All it takes is one click on the e-mail by an employee for hackers to install “remote access tools”— or RATs. Those tools can siphon off oceans of data — passwords, keystrokes, screen images, documents and, in some cases, recordings from computers’ microphones and Web cameras — and send the information back to the attackers’ Web servers,” said the paper. The malicious software that enabled the hackers to gain entry to computers on the Times’ network was identified by experts as a specific strain associated with computer attacks originating in China. Chinese officials have denied the charge, saying Beijing also is a victim of computer attacks and security breaches. They argue that just because cyber attacks may originate from Chinese soil doesn’t mean China is sponsoring the attackers.