The Washington Post joins the ranks of other major US media organizations that have been targeted by cybercriminals. Similar to The New York Times and The Wall Street Journal, The Post also believes that the attackers are based in China.
Brian Krebs was the first to break the news on Friday. Krebs cited a former Post information technology employee who said the paper’s networks were attacked throughout 2012.
While it’s not clear what the hackers have stolen, it’s believed they’ve stolen usernames and passwords, including the ones of administrators, and gained access to the entire network.
According to a report published by The Washington Post, the cybercriminals first gained access to the company’s systems back in 2008 or 2009.
Then, in 2011, Mandiant – the security company contracted to secure The Post’s systems – neutralized a command and control server associated with a Chinese hacker collective.
The unnamed employee who talked to Krebs revealed that a computer was turned over to the National Security Agency and the Defense Department for forensic analysis, but The Post’s representatives say they’re “confident that did not happen.”
Krebs reports that The Washington Post also used antivirus software from Symantec. In the case of The New York Times, Symantec representatives argued that organizations which want to make sure that their systems are properly protected, can’t rely only on antivirus software.
Chinese officials failed to comment on the accusations. However, in the case of NYT and WSJ, they strongly denied having any involvement, arguing that the country’s laws strongly prohibit hacking.
In response to the numerous cyberattacks originating from China, the US government is seriously considering taking stronger action.
Unnamed officials have revealed that after the National Intelligence Estimate is released, the Obama administration might impose certain sanctions, such as the cancelation of some visas and even import restrictions.