Since the New York Times reported last week that Chinese hackers had been attacking its computers over the past 4 months, it now transpires that the Wall Street Journal, Washington Post and Bloomberg News have also been subjected to attacks thought also to be originating in China.
The attacks have all seemingly coincided with stories run by the various media companies about Chinese politicians or dignitaries. In the case of the New York Times, it had published an investigation into the accumulation of large amounts of wealth by relatives of China’s prime minister Wen Jiabao. The targets of the hackers were the journalists involved in writing these stories and it is presumed that the Chinese hackers were looking for information relating to possible sources in China.
The hackers are thought to have gained access to the systems via phishing emails. These are emails that get a user to click a link which ends up downloading software that provides the hackers with remote access to that person’s machine. In total, the hackers obtained passwords belonging to 53 of the New York Times’ staff. Systems that the New York Times was using to protect their networks and computers failed to prevent the attacks. In fact, of the 45 pieces of custom malware eventually installed on the computers, the Symantec software that was supposed to protect the computers, found only one. Symantec later claimed that the fact that their software hadn’t protected the New York Times was the newspaper’s fault and that they had not been “using their software correctly”.
China meanwhile has also denied being responsible for the attack with a statement by the Foreign Ministry spokesman Hong Lei calling the accusations “groundless” and “irresponsible”.
The outcome from the reporting of this story by the New York Times has been somewhat self-serving. The idea that a nation state would attack another country’s news organisations is the stuff that sells novels, let alone papers. It fuels our worst fears that if anyone dares criticise the Chinese, they will be subjected to ruthless attacks. And of course, through all of this, the New York Times will carry on valiantly despite all of the threats and possible danger in order to bring their public the news.
The fact that the New York Times was hacked is not in dispute. However, the claim that it was the Chinese Government is based largely on circumstantial evidence. Cyber security expert Jeffrey Carr has written an analysis of the claims of Chinese Government involvement made by the New York Times and Mandiant, the security firm that they hired to stop the hacking attacks. The evidence that the attacks were being carried out by the Chinese military included the fact that the time of the attacks usually coincided with a workday in China, that the patterns of attacks were similar to attacks that the Chinese had been thought to be involved with before and that the origin of the attacks were from the same Chinese universities used by the Chinese military to attack US military contractors in the past.
So, whilst it could be the Chinese who have been responsible for the attacks, it could also be any number of other individuals, groups or for that matter, nations. This was a point reinforced by outgoing Secretary of State Hilary Clinton who said that the Chinese “are not the only people who are hacking us”.
In our always connected world, it is safe to assume that no information stored, or shared, via mobile devices or computers is ever going to be secure. It is also true that journalists or analysts of any kind that establish networks of information contacts will be a prime target for attacks by people wanting to know what, and who, they know. Journalists, like others who may be being surveilled (and that may include all of us at some point), will have to learn skills of using tools to encrypt information and communications and being ultra-secure with their devices. Perhaps in future, spy training and learning spy tradecraft should be part of the journalist school curriculum?