For the past four months, Chinese hackers have persistently attacked the New York Times, infiltrating its computer systems and getting passwords for its reporters and other employees.
After surreptitiously tracking the intruders to study their movements and help erect better defenses to block them, the Times and computer security experts have expelled the attackers and kept them from breaking back in.
The timing of the attacks coincided with the report of a Times investigation, published online on Oct. 25, that found that the relatives of Chinese Premier Wen Jiabao (溫家寶) had accumulated a fortune worth several billion of US dollars through business dealings.
Security experts hired by the Times to detect and block the computer attacks gathered digital evidence that Chinese hackers, using methods that some consultants have associated with the Chinese military in the past, breached the Times’ network.
They broke into the e-mail accounts of its Shanghai bureau chief, David Barboza, who wrote the reports on Wen’s relatives, and Jim Yardley, the Times’ South Asia bureau chief in India, who previously worked as bureau chief in Beijing.
“Computer security experts found no evidence that sensitive e-mails or files from the reporting of our articles about the Wen family were accessed, downloaded or copied,” Times executive editor Jill Abramson said.
The hackers tried to cloak the source of the attacks on the Times by first penetrating computers at US universities and routing the attacks through them, said computer security experts at Mandiant, the company hired by the Times. This matches the subterfuge used in many other attacks that Mandiant has tracked to China.
The attackers first installed malicious software, or malware, that enabled them to gain entry to any computer on the Times’ network. The malware was identified by computer security experts as a specific strain associated with computer attacks originating in China. More evidence of the source, experts said, is that the attacks started from the same university computers used by the Chinese military to attack US military contractors in the past.
Security experts found evidence that the hackers stole the corporate passwords of every Times employee and used those to gain access to the computers of 53 employees, most of them outside the Times’ newsroom.
Experts found no evidence that the intruders used the passwords to seek information that was not related to the reporting on the Wen family.
No customer data was stolen from the Times, they said.
Asked about evidence that indicated the hacking originated in China, China’s Ministry of National Defense on Wednesday said that “to accuse the Chinese military of launching cyberattacks without solid proof is unprofessional and baseless.”
In Beijing, Chinese Ministry of Foreign Affairs spokesman Hong Lei (洪磊) told reporters: “The competent Chinese authorities have already issued a clear response to the groundless accusations made by the New York Times.”
Asked about cyberspying and hacking accusations made against China in general, he said: “To arbitrarily assert and to conclude without hard evidence that China participated in such hacking attacks is totally irresponsible.”
“China is also a victim of hacking attacks. Chinese laws clearly forbid hacking attacks, and we hope relevant parties takes a responsible attitude on this issue,” he said.
Additional reporting by AFP
NO LIVERPOOL TRIP: Taiwan’s Lin Yu-ting, who won a gold medal in the boxing at the Paris Olympics, was embroiled in controversy about her gender at that event Taiwanese boxer Lin Yu-ting (林郁婷) will not attend this year’s World Boxing Championships in Liverpool, England, due to a lack of response regarding her sex tests from the organizer, World Boxing. The national boxing association on Monday said that it had submitted all required tests to World Boxing, but had not received a response as of Monday, the departure day for the championships. It said the decision for Lin to skip the championships was made to protect its athletes, ensuring they would not travel to the UK without a guarantee of participation. Lin, who won a gold medal in the women’s 57kg boxing
RESPONSE: The transit sends a message that China’s alignment with other countries would not deter the West from defending freedom of navigation, an academic said Canadian frigate the Ville de Quebec and Australian guided-missile destroyer the Brisbane transited the Taiwan Strait yesterday morning, the first time the two nations have conducted a joint freedom of navigation operation. The Canadian and Australian militaries did not immediately respond to requests for comment. The Ministry of National Defense declined to confirm the passage, saying only that Taiwan’s armed forces had deployed surveillance and reconnaissance assets, along with warships and combat aircraft, to safeguard security across the Strait. The two vessels were observed transiting northward along the eastern side of the Taiwan Strait’s median line, with Japan being their most likely destination,
‘NOT ALONE’: A Taiwan Strait war would disrupt global trade routes, and could spark a worldwide crisis, so a powerful US presence is needed as a deterrence, a US senator said US Senator Deb Fischer on Thursday urged her colleagues in the US Congress to deepen Washington’s cooperation with Taiwan and other Indo-Pacific partners to contain the global security threat from China. Fischer and other lawmakers recently returned from an official trip to the Indo-Pacific region, where they toured US military bases in Hawaii and Guam, and visited leaders, including President William Lai (賴清德). The trip underscored the reality that the world is undergoing turmoil, and maintaining a free and open Indo-Pacific region is crucial to the security interests of the US and its partners, she said. Her visit to Taiwan demonstrated ways the
The US has revoked Taiwan Semiconductor Manufacturing Co’s (TSMC, 台積電) authorization to freely ship essential gear to its main Chinese chipmaking base, potentially curtailing its production capabilities at that older-generation facility. American officials recently informed TSMC of their decision to end the Taiwanese chipmaker’s so-called validated end user (VEU) status for its Nanjing site. The action mirrors steps the US took to revoke VEU designations for China facilities owned by Samsung Electronics Co and SK Hynix Inc. The waivers are set to expire in about four months. “TSMC has received notification from the US Government that our VEU authorization for TSMC Nanjing
RSS