Published January 31, 2013
In the latest illustration of cyber spies infiltrating corporate America, The New York Times revealed this week that Chinese hackers broke into the newspaper’s computer systems and penetrated the email accounts of a reporter who wrote a critical article about the country.
Likewise, The Wall Street Journal said Thursday afternoon its network was attacked and infiltrated by Chinese hackers aiming to monitor the newspaper's China coverage.
The allegations underscore the security gaps at major companies and the expanding motivations of increasingly-sophisticated overseas hackers.
According to a story published by the Times on Wednesday, the paper and its security experts have “expelled the attackers” and no customer data were stolen from the system.
The hacking began immediately following a negative Times story published on October 25 that highlighted the billions of dollars of wealth accumulated by family members of Wen Jiabao, China’s prime minister.
The Times said after discovering warnings from Chinese officials that the investigation into Mr. Wen’s relatives would “have consequences,” the company alerted AT&T (T), which monitors its computer network, to look for unusual activity.
The next day as the story was published AT&T alerted the paper of a likely attack.
Using methods previously linked to the Chinese military, the hackers infiltrated the email accounts of the story’s author, Shanghai bureau chief David Barboza, as well as former Beijing bureau chief Jim Yardley, the Times said.
The hackers appeared to be searching for the names of people who may have helped Barboza find information on his story, which was largely based on public records, the paper said.
“Computer security experts found no evidence that sensitive e-mails or files from the reporting of our articles about the Wen family were accessed, downloaded or copied,” Jill Abramson, executive editor of the Times, told the paper.
China responded to the allegations by telling the Times that Chinese laws “prohibit any action including hacking that damages Internet security.” China’s Ministry of National Defense added that “to accuse the Chinese military of launching cyberattacks without solid proof is unprofessional and baseless.”
In addition to the apparent Times hacking, the Journal said it is suffering from an "ongoing issue" of hacking from China.
"Evidence shows that infiltration efforts target the monitoring of the Journal's coverage of China, and are not an attempt to gain commercial advantage or to misappropriate customer information,"a spokesperson from the Journal's publisher, Dow Jones & Co., said in a statement.
Dow Jones is owned by News Corp. (NWSA), the parent of FOX Business.
"We fully intend to continue the aggressive and independent journalism for which we are known," the Dow Jones spokesperson said, adding that the company just completed an overhaul of its networks on Thursday.
Moreover, the Times reported that Bloomberg News was targeted by Chinese hackers and some of its employees’ computers were infected following a critical June 29 story about the wealth of relatives of incoming president Xi Jinping.
Bloomberg News declined to comment on the report but pointed to comments made to the Times that confirmed that hackers had made attempts but “no computer systems or computers were compromised.”
The Times feared that an uptick in hacker activity surrounding the November 6 presidential election could create chaos for the paper’s publishing and online activities.
“They could have wreaked havoc on our systems,” said Marc Frons, the paper’s chief information officer told the Times. “But that was not what they were after.”
Even though attackers installed 45 pieces of custom malware, only once did antivirus products made by Symantec (SYMC) discover and quarantine the dangerous software, the Times said, citing an analysis by its security firm Mandiant.
Shares of the New York Times Co. (NYT), the paper’s parent company, jumped 2.19% to close at $8.86 on Thursday, leaving them up almost 4% on the year.
There have been a slew of known cyber attacks on major companies in recent years, including denial-of-service attacks that slowed the websites of big U.S. banks like J.P. Morgan Chase (NYSE:JPM and infiltrations of Google (GOOG) and the non-trading operations of Nasdaq OMX Group (NDAQ).
Saudi Arabia’s state-owned oil company, Saudi Aramco, also disclosed an attack last summer that destroyed some 30,000 workstations.