A new report from the New York Times claims hackers infiltrated their network for approximately four months, compromising multiple systems and targeting at least one journalist in the process. The paper believes the attacks were politically motivated and may have been conducted by the Chinese military.
The Times claim they received warnings from Chinese government officials after running an investigative piece that probed at the wealth of prime minister Wen Jiabano’s family. Upon receiving the warning, the Times put their ISP on alert to monitor for attacks. The same day the paper’s investigation was published, AT&T discovered signs of an attack that was consistent with other attacks carried out by the Chinese military.
AT&T was powerless in the fight, prompting the Times to hire private security firm Mandiant to take over. An analysis by the security firm found the attack was targeting the journalist responsible for the investigation into Jiabano’s relatives. The goal, they believe, was to uncover sources that had been used to collect information during the investigation.
The cyber attack reportedly began on September 13 as information was being collected for the story. The Times say the hackers might have used a spear-phishing attack to gain access to three computers. From there, they were able to crack passwords and gain access to dozens of other systems. At least 45 pieces of custom malware were implanted – only one was picked up by Symantec’s anti-virus software, they say.
The paper says the hackers have since been locked out of the system but they believe they will be targeted as part of future attacks.