Chris Dougherty, Contributor
Over the past four months, Chinese hackers have penetrated computers belonging to the New York Times and its staff. The hackers appeared to be intent on hunting down and identifying newspaper sources involved in the investigation of a top Chinese leader. China’s Defense Ministry is denying any involvement in the attacks.
‘Chinese law forbids hacking and any other actions that damage Internet security,’ the Defense Ministry said in a statement. ‘The Chinese military has never supported any hacking activities. Cyber-attacks are characterized by being cross-national and anonymous. To accuse the Chinese military of launching cyber-attacks without firm evidence is not professional and also groundless.’
Experts investigating the breach said that the attacks used the same techniques as other recent high-profile attacks originating from China. It appears the hackers used phishing techniques in order to inject the paper’s computer systems with a strain of malware that has been used by the Chinese before on other targets.
The infrastructure used by the hackers consisted of a complex network of university computers in both China and the U.S. The attackers used the hijacked computers as a form of proxy in order to hide their tracks. According to experts closely associated with the case, this network was used previously by the Chinese military to attack U.S. Defense Department contractors.
The September attacks on the New York Times seemed to have been initiated as a result of an investigation into the financial affairs of the family of Chinese Premier, Wen Jiabao. The family has apparently built a fortune, with questionable origins, worth over $2 billion.
During the continued 4-month cyber attack, the hackers were able to successfully crack the passwords of all NY Times employees. Once compromised, the stolen passwords allowed the hackers to gain access to more than 50 personal laptops belonging to staff members.
At this point it is unclear what information the attackers were able to steal while they had access to the paper’s computer systems. Fox News reported that “none of the Times’ customer data was compromised and that information about the investigation into the Wen family remained protected, though it left unclear what data or communications the infiltrators accessed.”
Mandiant, the security firm investigating the case, stated that after months of investigation they are still unsure how the hackers initially infiltrated the Times’ computer systems; however, the investigation is still ongoing.