NY Times blames China for cyber attack

The New York Times says Chinese hackers have repeatedly launched cyber attacks against its Web site and journalists in the four months since the paper angered Beijing by posting an article exposing the wealth of a senior politician.

In a detailed report published Thursday, the newspaper said hackers used tactics known to be employed by the Chinese military to break into its network and steal the email passwords of several senior reporters and other employees.

The paper said the attacks began about the same time it published a blockbuster October story detailing $2.7 billion allegedly accumulated by the family of outgoing Chinese Premier Wen Jiabao.

At the time, China reacted angrily to the story, which threatened the reputation of a leader known for his clean image. It immediately blocked the Times’ English and Chinese Web sites. The paper says the government also promised unspecified consequences.

As a result, the paper hired Mandiant, a computer security company, which alerted the Times to the cyber attacks just one day after the Wen Jiabao article was published.

The Times does not know how the hackers broke into its network, but it suspects they used an email to employees containing malicious links or attachments. It says they were soon able to steal the corporate passwords for “every Times employee.”

The hackers then used the passwords to access dozens of employees’ personal computers, with the apparent aim of finding the sources of information for the article. The primary target, it said, was Shanghai bureau chief David Barboza, who wrote the article.

Jill Abramson, executive editor of the Times, said hackers were not able to access sensitive emails or files from the article on Wen, which relied on publicly available records such as corporate documents. The paper also said no customer data was stolen.

The paper said when Mandiant security officials became aware of the attack, they allowed the hackers to spin a digital web for four months in an effort to discover their identity. The investigation showed that hackers tried to conceal their activities by routing their attacks through computers at universities in the United States. They also tried to hide their location by continually switching IP addresses, a code that identifies computers on a network.

Other details suggested that the source of the attacks was China. The paper said hacker teams regularly attacked the system beginning at 8 a.m. Beijing time, continuing for a standard work day.

Mandiant, the security company, says those methods are consistent with previous cyber attacks associated with the Chinese military, which observers say regularly outsources cyber attacks and uses other ways to conceal its activities.

The Times says it has expelled the attackers by blocking the compromised outside computers, changing every employee password, and undertaking other security measures. But it said it expects more hacking attempts in the future.

When confronted by the New York Times about the attack, Chinese defense officials denied any involvement, calling it unprofessional and baseless.

Chinese censors later deleted conversations about the hacking controversy on domestic social media sites.

This entry was posted in World News. Bookmark the permalink.