New hacking scandal: China accused of using computer espionage to hunt down New York Times sources

A new hacking scandal broke last night – this time apparently involving the Chinese state and attacks on The New York Times.

The paper revealed that it has been under sustained attacks from computer hackers since October when it revealed that relatives of the Chinese prime minister Wen Jiabao had accumulated several billions in wealth.

After bringing in a specialist forensic computing firm, the NYT has established that highly co-ordinated hackers – amost certainly emanating from China – had infiltrated its computer network in an attempt to expose journalistic sources.

According to the NYT  the email accounts of both Shanghai bureau chief David Barboza (who worked on the Jiabao relatives story) and South Asia bureau chief Jim Yardley were hacked.

The NYT said it found no evidence that sensitive files had been accessed or copied.

The attackers are understood to have installed software that enabled them to gain access to any computer on The New York Times network.

The attacks were said to have started from the same university computers used by the Chinese military to attack United States military contractors in the past.

Apparently the hackers gained access to the personal computers of 53 NYT employees, most outside the newsroom.

The NYT reports that last year, Bloomberg News was targeted by Chinese hackers after it published an article on 29 June about the wealth accumulated by relatives of Xi Jinping, China’s vice president at the time who is expected to become president in March.

The NYT believes the hackers used  “phishing” to gain access to the NYT system. All it would have taken would be one employee to click on a malicious attachment for the hackers to install “remote access tools” and take over  computers.

Over three months the hackers installed 45 pieces of malicious software, only one of which was identified by NYT antivirus  provider  Symantec – the company said.

It used specialist computing firm Mandiant to track and repel the hacking attack.

The hackers were apparently focused on finding the sources for Barboza’s stories. They were unsuccessful because his reporting was based  public records .

MORE ON THIS STORY : 

Tags: 

Sign up for our free weekly digital magazine, Press Gazette Journalism Weekly, and daily newsletter
To contact Press Gazette with a story call 0207 936 6433
or email pged@pressgazette.co.uk
To advertise, please call 0207 936 6764.