The New York Times reports that Chinese hackers targeted its computer systems in an attack that began in September 2012. The attackers managed to gains access to a domain controller that holds account access credentials for all Times employees; this particular attack targeted the accounts of the current and former Times Beijing bureau chiefs. The hackers appear to have been looking for information identifying sources in China who may have provided information to journalists investigating a story about the fortunes amassed by family members of Chinese Prime Minister Wen Jiabao. The hackers took circuitous routes, directing their attacks through previously compromised systems at several different US universities and shifting IP addresses often. Such deceptive strategy is similar to that used in other cyberattacks that have been linked to China. Chinese officials deny involvement in the attacks. The Times called in Mandiant to help monitor and block the attacks, gather evidence, and expunge the hackers. The attackers have been ousted from the system for now and more cyberdefenses have been established, but the Times harbors no illusions that its systems will not be targeted again.
Bloomberg was targeted in a similar attack earlier last year after they published a story about the net worth of then-vice president Xi Jinping’s family members.
(Editor’s Note: The video accompanying the story is thorough and well worth watching.) The Wall Street Journal says Chinese hackers have also targeted its computer systems, presumably for the purpose of monitoring the paper’s China coverage. The attacks “are not an attempt to gain commercial advantage or to misappropriate customer information.”
http://online.wsj.com/article/SB10001424127887323926104578276202952260718.html
http://news.cnet.com/8301-1009_3-57566995-83/wall-street-journal-china-hackers-hit-us-too/]
[Editors Note (Paller): Three big takeaways from this story: (1) the attackers were in for a long time before they were discovered; (2) the antivirus and other defenses were useless; (3) they didn’t have people with technical security skills on staff to deal with it. These three facts are true of more than 1,400 companies in the United States including most power companies, large law firms, other major newspapers and media companies, telecommunications, high tech, natural resources, manufacturers, and defense industrial base companies, just to name a few. It’s easy to point fingers. In a couple of weeks you’ll see what can actually be done to stop these attack.
(Honan): This story claims that a major factor in the success of the attackers was the fact the anti-virus software used by the New York Times did not detect 44 pieces of custom made malware used against the Times’ network. If you are relying solely on anti-virus software to protect your systems, especially against custom made malware, then you will get breached.
Deja un comentario