N.Y. Times hacked: How large is China's campaign to control, intimidate?
The list of media outlets infiltrated by Chinese cyberspies doesn't end with The New York Times or Wall St. Journal, cybersecurity experts say. Anyone reporting on China is a potential target.
(Page 2 of 4)
In late 2011 and early 2012, he says, cyberintruders whose digital signatures he tracked back to China invaded newspapers in Vietnam and Japan. In those cases, he said, he attempted to contact the news organizations to let them know – successfully in the case of the Japanese newspaper.Skip to next paragraph
Subscribe Today to the Monitor
In August 2011, the Associated Press was reported to be among 72 companies and government agencies targeted in a broad-based global cyberespionage campaign identified by McAfee, the cybersecurity company. McAfee, which dubbed the China-based campaign "ShadyRAT," did not identify the AP by name in its report.
AP spokesman Jack Stokes said the company was aware of the reports.
"We do not comment on network security," he told the Washington Post at the time.
Ronald Deibert, director of the Citizen Lab at the Munk Centre for International Studies at the University of Toronto, says current revelations about media organizations targeted by the Chinese fit into a much larger picture that his group just scratched the surface of in 2009, when they looked into an espionage campaign dubbed “GhOstNet.”
Dr. Deibert, who coauthored a report on GhOstNet, says Canadian researchers investigating Chinese espionage against the Dali Lama and the Tibetan community found that computer systems in AP offices in Hong Kong and London were compromised.
The "common thread" in the GhOstNet campaign was that all of the targets involved Chinese concerns – including the attack on the AP, Deibert says. The AP servers in Hong Kong and London were compromised, he believes, "so the attackers would have had access to stories and contacts in the stories before the stories were released."
In its story of the Chinese infiltration of its own systems, the Times reported that Bloomberg News, too, had been attacked last year following its investigation of Premier Xi’s family. But all those instances are pieces that fit into a far larger puzzle, many say.
"What is significant about the New York Times breach is not that the Chinese have breached a big media organization," Deibert says. "If someone had come to me back then and said: 'Have the Chinese breached more media organizations than just the AP?' I would answered: 'Of course!’
“You'd have to be stupid not to think that, based on the scope of the victims – government, Fortune 500, telecommunications, military contractor – compromised over the last three years by networks within China. So, The New York Times? I'd bet money on it."
In a December intelligence report for its clients, Mandiant, the company brought in by the Times to investigate, found evidence that Chinese hackers "had stolen e-mails, contacts, and files from more than 30 journalists and executives at Western news organizations, and had maintained a ‘short list’ of journalists whose accounts they repeatedly attack," the Times reported.