New York Times claims it was attacked by Chinese hackers in four month “espionage campaign”
The New York Times has claimed that it has been under a prolonged cyber-attack by Chinese hackers who attempted to infiltrate its systems and steal employee passwords. According to the paper, which currently has ex-BBC director general Mark Thomson at its helm, the attacks began last autumn after it published an investigation into the family finances of Chinese prime minister Wen Jiabo. It says that after the report, which claimed Wen Jiabo had amassed a $2.7 billion fortune from business dealings, was published, Chinese officials warned there would be “consequences”. After this threat, the paper asked IT security experts to monitor activity on its networks. These experts reportedly found that attackers were Chinese and had used methods that have been linked with the Chinese military in the past. It found that 53 of the Times’s employees had had their personal computers accessed, including that of the Shanghai-based correspondent, David Barboza, who broke the Wen investigation and a former Beijing bureau chief now based in India, Jim Yardley. The newspaper went on to explain that the attacks would begin at 8am Beijing time. The hackers would first hack into U.S university networks to disguise their identity, and then emailed malicious software – known as malware – to Times employees who inadvertently allowed access to their network by opening the emails. The paper says it believes that the hackers were looking for information about individuals who had provided information to its reporter about Wen's finances. However, the experts found no evidence that the intruders used the passwords to gain information unrelated to the Wen family, or targeted data related to customers of the paper. Marc Frons, the New York Times's chief information officer, said: "They could have wreaked havoc on our systems. But that was not what they were after." Michael Higgins, The New York Times' chief security officer, added: "Attackers no longer go after our firewall. They go after individuals. They send a malicious piece of code to your email account and you're opening it and letting them in.” Asked by The New York Times to respond to the allegations, China's Ministry of National Defense said: "To accuse the Chinese military of launching cyber attacks without solid proof is unprofessional and baseless," adding that Chinese law prohibits such actions. New York Times representatives said that its experts found no evidence that sensitive emails or files from the Wen investigation were accessed and that the company has now blocked all infected computers, changed all employee passwords and introduced new cybersecurity measures.