The New York Times has revealed that it’s been repeatedly hit by Chinese hackers over the last four months, possibly in retaliation for an investigation into the family of the Chinese prime minister.
The company says it’s been able to halt the attacks, but that in the meantime the hackers were able to gather passwords for the entire staff and gain access to 53 computers.
They also gained access to the email accounts of the paper’s Shanghai bureau chief, David Barboza, and former Beijing bureau chief Jim Yardley. No customer data was accessed.
The paper’s not entirely sure about the mitivation of the attacks, which followed an investigation, published last October, into the financial dealings of prime minister Wen Jiabo’s relatives.
But, says Jill Abramson, executive editor of The Times, “Computer security experts found no evidence that sensitive emails or files from the reporting of our articles about the Wen family were accessed, downloaded or copied.”
However, the attackers appeared to be looking for the names pf people who had helped the paper with its investigation. There was no attempt to try and shut the paper’s systems down.
“They could have wreaked havoc on our systems,” says Marc Frons, the Times’s chief information officer. “But that was not what they were after.”
To disguise the source of the attacks, the hackers routed them through several universities, a tactic that Chinese hackers have used before. It’s not known how they gained access, although the Times suspects a spear-phishing attack, with an absent-minded staffer clicking on a link.
Around 45 pieces of malware were discovered, of which only one was detected by the paper’s Symantec security system. The paper was, though, on the alert for atttacks, having been indirectly warned by Chinese officials that its investigation would ‘have consequences’.
The paper says it’s braced for further attacks.