The attackers have been targeting the newspaper's systems for the last 4 months
For the last four months, Chinese hackers have been persistently attacking the computer systems of The New York Times.In October 2012, shortly after The New York Times had published an article which focused on the family riches of China’s Prime Minister Wen Jiabao, Chinese authorities blocked both the English and the Chinese versions of the media company’s website.
However, as it turns out, China took things even further. Shortly after the publication of the article, cybercriminals presumably located in China began stealing the passwords of The Times employees with the aid of malware.
The Times had been using Symantec products to protect its systems against cyberattacks, but the antivirus software managed to identify only one piece of malware, while 45 pieces of custom malware evaded detection.
After monitoring their every move, the newspaper managed to block out the hackers. However, while they had access to the company’s systems, the attackers could have caused some serious damage.
They could have gained access to a lot of sensitive information and even attempt to shut down The Times’ computer systems completely.
However, evidence suggests that the hackers were simply after information related to the article published on Prime Minister Wen Jiabao’s wealth.
Particularly, they appeared to be after the correspondence of the head of the Shanghai bureau, David Barboza, the one who wrote the article on the Chinese PM.
In order to cover their tracks, the hackers compromised several computers located at various US universities and Internet service providers. They utilized these machines to carry out their operation.
Mandiant, the company hired by The New York Times to investigate the incident, says the attackers appear to be associated with the Chinese military.
China’s Ministry of National Defense denies the accusations, arguing that the country’s legislation prohibits such attacks.