NATOSource is proudly sponsored by EADS North America
- Congo (DRC)
- Czech Republic
- North Korea
- Saudi Arabia
- South Africa
- South Korea
- Taiwan (ROC)
From Paul Harris and Jonathan Kaiman, Guardian: "This is business-as-usual from what we can tell for aspects of the Chinese government," said Marc Frons, head of the newspaper's digital technology and its chief information officer. Frons told The Guardian that the paper was expecting further such attempts to infiltrate its computer systems. "It is really spy versus spy," he said. "I don't think we can relax. I am pretty sure that they will be back. . . ."
An investigation by Mandiant, a cyber-security company hired by the New York Times, concluded that the hacks were likely part of an elaborate spy campaign with links to the country's military. The company traced the source of the attacks to university computers that the "Chinese military had used to attack United States military contractors in the past", the Times said.
Although the hackers gained passwords for every Times employee, Mandiant found that they only sought information that was related to the Wen story. "They were after David Barboza's source list; confidential names and numbers and looking to find out who he was talking to," said Frons.
The Times said it worked with telecommunications company AT&T and the FBI to trace the hackers after AT&T noticed suspicious activity on the paper's computer networks on 25 October, one day after the article appeared in print. A later analysis concluded that hackers initially broke into Times computers on 13 September when reporting for the Wen story was in its final pre-publishing stages. . . .
While the attack's surreptitious nature allows Chinese authorities to hide behind a veneer of deniability, security firms have discovered a number of uncanny similarities among such incidents. Most targeted groups could pose some threat to the Chinese government. They include American military contractors, Tibetan and Uyghur independence groups, activist networks, and lately, western media organizations. Bloomberg was hacked after publishing a similar exposé last summer. . . .
Cyber security companies suggest that the Chinese government and military employ a vast army of hackers, carrying out a covert spy campaign against organizations that it feels run counter to their interests. They operate in places like Shanghai and coastal Shandong Province, but usually avoid detection by tunnelling through easily-infiltrated computers at servers and universities in the United States. The New York Times investigation found that they typically begin working at 8am and adhere to a standard office schedule.
Their organizational structure is still unclear – the hackers could be on the People's Liberation Army's payroll, or just as easily be loosely-affiliated vigilante organizations operating with tacit government approval, like renegade consulting companies.
"If anything, the fact that these groups aren't being run by the Chinese government makes the problem worse," Bruce Schneier, a cybersecurity expert at a telecommunications company in London, wrote on the Discovery Channel's tech blog last year. "Without central political coordination, they're likely to take more risks, do more stupid things and generally ignore the political fallout of their actions."
The hackers frequently use a technique called "spear phishing," in which they send a piece of malware to a target via email; the hapless user may then download malicious files by clicking on a seemingly innocuous attachment. Chinese hackers have used this technique to compromise the Gmail accounts of senior US, South Korean and Australian government officials, and have attempted to access the White House's Military Office, home to the US's nuclear launch codes.
From Kevin Voight, CNN: Allegations that Chinese hackers infiltrated the computers of two leading U.S. newspapers add to a growing number of cyber attacks on Western companies, governments and foreign-based dissidents that are believed to originate in China, experts say.
According to one recent report, one in every three observed computer attacks in the third quarter of 2012 emanated from China.
Chinese officials have denied that Beijing has supported any cyber attacks, stressing that hacking is illegal in the country.
The New York Times reported Wednesday it had been the target of four months of cyber assaults, which started during an investigation by the newspaper into the wealth reportedly accumulated by relatives of the Chinese premier, Wen Jiabao. The Wall Street Journal said Thursday that its computer systems also had been infiltrated by Chinese hackers. (graphic: the Week)
The daily news of the world's most powerful alliance.
The views expressed in NATOSource are solely those of the authors and do not necessarily reflect the views of the Atlantic Council, its staff, or its supporters.
Follow on Twitter: @NATOSource
"I am an enormous fan of NATOSource. I use it virtually every day, because it provides a wide variety of views, a solid base of factual knowledge, and keeps me in touch with the world of NATO."
(Graphics: Deutsche Welle and Reuters)
Most Popular NATOSource Posts
- Alliance Unity
- Allied Command Operations
- Allied Command Transformation
- Article 5
- Burden Sharing
- Capabilities Gap
- Chicago Summit
- Cyber Threats
- Defense Spending
- Energy Security
- High North
- Missile Defense
- NATO Defense Ministerials
- NATO Exercises
- NATO Ministerials
- NATO Operations
- NATO Partnerships
- NATO Response Force
- Nuclear Weapons
- Secretary General
- Smart Defense
- Special Forces
- Strategic Concept
- Transatlantic Relations
- United Nations
- Weapon Systems
- Associated Press
- Baltic Times
- Brussels blog
- Deutsche Welle
- EU Observer
- European Voice
- Financial Times
- Hurriyet Daily News
- International Herald Tribune
- Kyiv Post
- Le Monde Diplomatique
- Moscow Times
- New York Times
- Prague Daily Monitor
- Radio Free Europe
- Ria Novosti
- Russia Today
- Slovak Spectator
- St. Petersburg Times
- Times (London)
- Today's Zaman
- Wall Street Journal
- Washington Post
- American Enterprise Institute (AEI), United States
- Aspen Institute, United States
- Atlantic Council, United States
- Brookings Institution, United States
- Carnegie Endowment for International Peace, United States
- Cato Institute, United States
- Center for a New American Security (CNAS), United States
- Center for International Relations (CIR), Poland
- Center for Security Studies (CSS), Switzerland
- Center for Strategic and International Studies (CSIS), United States
- Center for Transatlantic Relations, United States
- Cicero Foundation, Netherlands
- Council on Foreign Relations, United States
- Danish Institute of International Studies (DIIS), Denmark
- EU Institute for Security Studies, France
- European Council on Foreign Relations, Bulgaria, France, Germany, Spain, UK
- European Institute, United States
- Fondation pour la Recherche Stratégique (FRS), France
- French Institute of International Relations (IFRI), France
- Fundacion para el Análisis y los Estudios Sociale (FAES), Spain
- German Council on Foreign Relations (DGAP), Germany
- German Marshall Fund of the United States, United States
- Grupo de Estudios Estratégicos (GEES), Spain
- Heritage Foundation, United States
- Hoover Institution, United States
- Institut de Relations Internationales et Stratégiques (IRIS), France
- Institute for Foreign Policy Analysis (IFPA), United States
- Institute for International and Security Affairs (SWP), Germany
- Instituto Affari Internazionali (IAI), Italy
- International Institute for Strategic Studies (IISS), United Kingdom
- Konrad Adenauer Stiftung, Germany
- Lemnitzer Center, United States
- Marshall Center, Germany
- Netherlands Institute of International Relations (Clingendael), Netherlands
- Norwegian Institute of International Affairs (NUPI), Norway
- RAND, United States
- Real Instituto Elcano, Spain
- Ridgway Center, United States
- Royal Institute of International Affairs (Chatham House), United Kingdom
- Royal United Services Institute (RUSI), United Kingdom
- Schuman Center (RSCAS), Italy
- Security & Defence Agenda (SDA), Belgium
- Strategy International (SI), Greece
- U.S. Institute of Peace, United States
- Woodrow Wilson International Center for Scholars, United States