N.Y. Times hacked: How large is China's campaign to control, intimidate?
The list of media outlets infiltrated by Chinese cyberspies doesn't end with The New York Times or Wall St. Journal, cybersecurity experts say. Anyone reporting on China is a potential target.
Cyberspies who breached computer networks of The New York Times and Wall Street Journal are part of a far larger global campaign of intrusions targeting news organizations worldwide that report on China, according to cybersecurity experts and China policy analysts.Skip to next paragraph
Subscribe Today to the Monitor
Early Thursday, the Times reported that cyberintruders last fall infiltrated its networks via Internet domains and addresses based in China, attempting to remove notes files and other information related to its reporting on the fortunes amassed by relatives of China's premier, Xi Jinping. Later in the day, the Journal reported that its networks, too, had been hacked by intruders from China.
Yet to be confirmed are reports Friday by a well-regarded cybersecurity researcher that the Washington Post also was infiltrated by Chinese cyberspies for an extended time last year. Brian Krebs, the researcher, reported the infiltration, quoting a former Post technology expert on his blog. "We have nothing to share at this time,” a Post spokesman told Mr. Krebs.
China’s apparent motives in infiltrating major news organizations, experts say, are to anticipate and respond to negative coverage of the country, and, perhaps no less importantly, to deter Chinese citizens from speaking openly with Western news organizations.
While news organizations have long known their China-based correspondents are spied upon at times, outlines of a far-larger global campaign targeting news organizations that report on China are now emerging, cybersecurity experts told the Monitor. It is part of a massive effort identified since about 2007 that these experts call the "advanced persistent threat."
That label once referred to unknown cyberhackers invading a corporate network, creating digital backdoors, and spending months or years sending intellectual property data – like oil bid data and pharmaceutical formulas – back through the Internet to points unknown. But now the "A.P.T." is seen in the cybersecurity industry as a mere shorthand for "getting hacked by the Chinese."
"We have data that to me makes it definitely clear that there's a pattern here – hacks on industry, activists, government – and journalists around the world," says Joe Stewart, a cybersecurity expert with Dell Secureworks who has tracked cyberespionage attacks, including a number against news organizations, back to Internet addresses in China.