New York Times hacking: A sign of things to come?By Michele Penna Feb 13, 2013 11:12AM UTC
BEIJING – “For the last four months, Chinese hackers have persistently attacked The New York Times, infiltrating its computer systems and getting passwords for its reporters and other employees.” So begins an article published by the newspaper itself on January 30. According to the report, unidentified attackers installed up to 45 pieces of custom malware on the company’s website.
Mandiant – the company hired by the newspaper to investigate the case in November – found out that the attacks were rerouted through American universities, presumably to hide their origin. These institutions appear to be the same used by Chinese hackers in previous attacks.
Another detail worth noting is the timing of the attacks. Again according to what the New York Times reported, intrusions began after October 25, when the paper published a story on the fortunes accumulated by the relatives of Chinese premier Wen Jiabao. Before the publication of the reportage, Chinese officials had reportedly warned the paper that there would be consequences. And, indeed, the Times’ Chinese website was blocked right after the big story got out. But that may have just been the beginning.
The attacks which began after that date resulted in the corporate passwords of every employee being copied. Among the targets were David Barboza, who broke the story about Mr Wen’s family, and Jim Yardley, who used to be the paper’s Beijing bureau chief and is now based in India. It seems that the hackers were looking for the names of the people who provided information to Mr. Barboza for his article on premier Wen’s relatives.
[READ MORE: Burma denies hacking journalist email accounts]
On January 31, the Wall Street Journal, stated that it, too, had fallen victim to hackers. For four months the company’s computers had been under threat by unidentified intruders who were apparently looking for information about the Wall Street Journal coverage of China. According to Paula Keve, a spokeswoman for the Journal publisher Dow Jones, the attempts were not aimed at obtaining commercial advantages or customer information.
China’s Foreign Ministry’s spokesman, Hong Lei, has denied any connections between Chinese institutions and the hackers. He recently argued that “cyber attacks are transnational and anonymous,” adding that “to presume the source of a hacking attack based on speculation is irresponsible and unprofessional.”
Geng Shuang, the spokesman of the Chinese embassy in the United States, has criticized such allegations too. “It is irresponsible to make such an allegation without solid proof and evidence,” he said. “The Chinese government prohibits cyberattacks and has done what it can to combat such activities in accordance with Chinese laws.”
Their positions, however, do not reflect feelings in other countries, where China is often blamed for hacking enterprises. It is widely speculated, for example, that in 2010 Beijing supported an attack on Google, while in 2011 doubts about a possible government involvement again spread as Chinese hackers successfully broke into the US Chamber Of Commerce.
China herself, however, claims she has often been under fire from cyber-attackers. According to what has been reported by Forbes Magazine, between January and June 2012 about 7.8 million Chinese computers were affected in 27,900 IP attacks that originated in other countries. Most of them came from the US.
The rise in attacks – not just in China and the US, but in plenty of other countries, too – and the attention they increasingly receive both from policymakers and scholars highlight how cyberwarfare is not a futuristic idea anymore. It can work in the real, present world and could arguably become more common in the future. A cyberattack can harm national infrastructure, steal information or block communications inside a chosen country, thus forcing it on its knees or paving the way for traditional intervention.
The most striking, recent example of such methods came in 2010, when operations at an Iranian nuclear plant were damaged by Stuxnet, a virus which had infected the facility’s computers. It is not yet clear who had created it, but The National reported that according General Michael Hayden – a former director of the National Security Agency and CIA – its complexity could indicate that it was realized with the backing of a state. Rumors have it that either Israel, Britain or the US may have been responsible.
Coming back to China, the intrusion in the New York Times’ computers means that there is someone out there who is very eager to find out what reporters do and where they get their information. And that “someone” is most likely the government itself. But why is that happening? Why are authorities interested in tracking down what journalists do? The explanation is likely to be the same that journalist and historian Jonathan Fenby gave about the Communist Party’s reaction to the Falun Gong movement in the late 90s: paranoia. Chinese people may be patriotic, but their feelings are not as benign toward the Party. Corruption and plain injustice, for example, are among the most felt issues by common people, and reporters who come up with “bad” stories concerning the leaders threaten their credibility.
As for the journalists, they have to deal with the dangers of the very tools they use. From finding information and keeping up with the news to double-checking dates and facts, the internet has become unavoidable. But being connected exposes journalists’ to hackers and other threats to their privacy. Today, the biggest threat to their integrity and the safety of their sources may dwell inside their hard disks.