Chinese Hackers Attack the New York Times

Cyber war
Technology • Views: 26,859

Welcome to the new front: Chinese Hackers Infiltrate New York Times Computers.

SAN FRANCISCO — For the last four months, Chinese hackers have persistently attacked The New York Times, infiltrating its computer systems and getting passwords for its reporters and other employees.

After surreptitiously tracking the intruders to study their movements and help erect better defenses to block them, The Times and computer security experts have expelled the attackers and kept them from breaking back in.

The timing of the attacks coincided with the reporting for a Times investigation, published online on Oct. 25, that found that the relatives of Wen Jiabao, China’s prime minister, had accumulated a fortune worth several billion dollars through business dealings.

Security experts hired by The Times to detect and block the computer attacks gathered digital evidence that Chinese hackers, using methods that some consultants have associated with the Chinese military in the past, breached The Times’s network. They broke into the e-mail accounts of its Shanghai bureau chief, David Barboza, who wrote the reports on Mr. Wen’s relatives, and Jim Yardley, The Times’s South Asia bureau chief in India, who previously worked as bureau chief in Beijing.

“Computer security experts found no evidence that sensitive e-mails or files from the reporting of our articles about the Wen family were accessed, downloaded or copied,” said Jill Abramson, executive editor of The Times.

The hackers tried to cloak the source of the attacks on The Times by first penetrating computers at United States universities and routing the attacks through them, said computer security experts at Mandiant, the company hired by The Times. This matches the subterfuge used in many other attacks that Mandiant has tracked to China.

The attackers first installed malware — malicious software — that enabled them to gain entry to any computer on The Times’s network. The malware was identified by computer security experts as a specific strain associated with computer attacks originating in China. More evidence of the source, experts said, is that the attacks started from the same university computers used by the Chinese military to attack United States military contractors in the past.

Jump to bottom

74 comments
1 Awea  Wed, Jan 30, 2013 7:07:46pm

I guess they don’t like the pay wall.

2 Charles Johnson  Wed, Jan 30, 2013 7:08:48pm

This is why the US government is allocating major resources to cyber warfare.

3 Dark_Falcon  Wed, Jan 30, 2013 7:09:13pm

It’s a scary story, but at its root its ‘dog bites man’: Criticism-hating tyranny attacks the newspaper that published the details of its corruption. Even Especially given that, This is a story that people need to hear. And I say ‘Bravo!’ to the New York Times, for investigating corruption and hauling those who benefited from it into the cold light of day.

4 FemNaziBitch  Wed, Jan 30, 2013 7:11:26pm

Hope all US businesses that have plants and offices in China have upgraded their software and keep top-notch IT people on staff.

5 Dark_Falcon  Wed, Jan 30, 2013 7:12:01pm

re: #4 FemNaziBitch

Hope all US businesses that have plants and offices in China have upgraded their software and keep top-notch IT people on staff.

Quite Concur.

6 lawhawk  Wed, Jan 30, 2013 7:12:33pm

Just the other day the DoD announced that it was increasing the cyber unit from 900 to 4,900 over the next few years all while the Marine Corps was going to reduce its active duty force by 20,000.

The next Defense Secretary, Hagel or other, will be dealing with cyber warfare as another front. Reorienting to deal with these kinds of threats will pose all kinds of challenges, from identifying the problems and sources, securing necessary and critical infrastructure, repelling these kinds of attacks, and taking action where necessary.

7 lawhawk  Wed, Jan 30, 2013 7:15:00pm

re: #4 FemNaziBitch

Any password protected environment is only as secure as its weakest password.

If it’s written down, it’s not secure. And if someone is seeking to engage in corporate espionage, particularly at a nation-state level, then the possibility that they might use the employ of janitors or other kinds of staffers to gain access is plausible.

8 Belafon  Wed, Jan 30, 2013 7:16:15pm

This is the reason a lot of places have started resorting to a separate network unconnected to the internet.

9 FemNaziBitch  Wed, Jan 30, 2013 7:16:52pm

re: #7 lawhawk

Any password protected environment is only as secure as its weakest password.

If it’s written down, it’s not secure. And if someone is seeking to engage in corporate espionage, particularly at a nation-state level, then the possibility that they might use the employ of janitors or other kinds of staffers to gain access is plausible.

teehee, the last corporation I worked for was so far behind, they still had a generic password for most company systems that even low level cashiers, like me, accessed. Then they changed it to a personal logon. Then they made you change it every month. Man, people bitched about that last change.

ggt just shook head.

10 Dark_Falcon  Wed, Jan 30, 2013 7:16:56pm

re: #7 lawhawk

Any password protected environment is only as secure as its weakest password.

If it’s written down, it’s not secure. And if someone is seeking to engage in corporate espionage, particularly at a nation-state level, then the possibility that they might use the employ of janitors or other kinds of staffers to gain access is plausible.

Perhaps corporate offices needing high security should take a page from Japan and look into automating cleaning and maintenance functions. A cleaning robot can’t be bribed, after all.

11 FemNaziBitch  Wed, Jan 30, 2013 7:17:37pm

re: #10 Dark_Falcon

Perhaps corporate offices needing high security should take a page from Japan and look into automating cleaning and maintenance functions. A cleaning robot can’t be bribed, after all.

outsourcing jobs to robots, I see… .

LOL

12 Charles Johnson  Wed, Jan 30, 2013 7:18:07pm

LGF may not be the New York Times, but when I look at our access logs I see an astounding number of hack attempts originating in China.

13 Skandal  Wed, Jan 30, 2013 7:18:38pm

Interesting related article:

Unseen, all-out cyber war on the U.S. has begun

It appears a crippling cyber attack is just a matter of time.

14 engineer cat  Wed, Jan 30, 2013 7:19:12pm

malicious software

it’s just malicious because it suffered through a traumatic development process

15 dragonath  Wed, Jan 30, 2013 7:21:59pm

Well if an article about how great Hu Jintao is shows up on the LGF front page, I’ll know what happened…

16 Dark_Falcon  Wed, Jan 30, 2013 7:22:59pm

re: #11 FemNaziBitch

outsourcing jobs to robots, I see… .

LOL

In high security areas, yes. One good way to protect a high security area is to keep low level people out of it. Give the jobs of monitoring the robots to veterans who learned how to control robots in Iraq and Afghanistan and pay them properly for their work. That will improve security.

17 engineer cat  Wed, Jan 30, 2013 7:23:43pm

re: #16 Dark_Falcon

In high security areas, yes. One good way to protect a high security area is to keep low level people out of it. Give the jobs of monitoring the robots to veterans who learned how to control robots in Iraq and Afghanistan and pay them properly for their work. That will improve security.

but who will control the robot controllers?

18 Dark_Falcon  Wed, Jan 30, 2013 7:24:43pm

re: #17 engineer cat

but who will control the robot controllers?

A free and honorable citizen does not need to be controlled, for he controls himself.

19 FemNaziBitch  Wed, Jan 30, 2013 7:25:35pm

re: #16 Dark_Falcon

In high security areas, yes. One good way to protect a high security area is to keep low level people out of it. Give the jobs of monitoring the robots to veterans who learned how to control robots in Iraq and Afghanistan and pay them properly for their work. That will improve security.

Sounds more and more like some really sad dystopian Sci-Fi Novel setting.

20 Political Atheist  Wed, Jan 30, 2013 7:26:37pm

re: #12 Charles Johnson

Where I work is a little tiny nothing firm on the world stage. A speck of dust. But our logs in the sonicwall hub practically speak Chinese.

21 dragonath  Wed, Jan 30, 2013 7:28:50pm
22 Achilles Tang  Wed, Jan 30, 2013 7:30:49pm

re: #4 FemNaziBitch

Hope all US businesses that have plants and offices in China have upgraded their software and keep top-notch IT people on staff.

Hope away./

23 Dark_Falcon  Wed, Jan 30, 2013 7:30:53pm

re: #19 FemNaziBitch

Sounds more and more like some really sad dystopian Sci-Fi Novel setting.

How so? Cleaning work is never going to be highly paid work, so spies are always going to have someone who needs a big payday. Best not to allow low-paid people into the high security areas at all.

24 dragonath  Wed, Jan 30, 2013 7:33:01pm

re: #19 FemNaziBitch

Sounds more and more like some really sad dystopian Sci-Fi Novel setting.

Sounds like an ant farm.

25 steve_davis  Wed, Jan 30, 2013 7:34:15pm

re: #3 Dark_Falcon

It’s a scary story, but at its root its ‘dog bites man’: Criticism-hating tyranny attacks the newspaper that published the details of its corruption. Even Especially given that, This is a story that people need to hear. And I say ‘Bravo!’ to the New York Times, for investigating corruption and hauling those who benefited from it into the cold light of day.

What would be hysterical is if the U.S. government timed things up so that it could hack Beijing’s major newspaper and insert the story about the corruption into an edition. Yes, it would probably be caught, but it would send the message that the U.S. is probably better at hacking than China is, so it might be best not to try that mess again.

26 JeffFX  Wed, Jan 30, 2013 7:34:56pm

re: #12 Charles Johnson

LGF may not be the New York Times, but when I look at our access logs I see an astounding number of hack attempts originating in China.

Do you get any legit traffic from China? If you don’t, blocking the whole country can save you a lot of hassle.

27 dragonath  Wed, Jan 30, 2013 7:35:27pm

re: #26 JeffFX

Do you get any legit traffic from China? If you don’t, blocking the whole country can save you a lot of hassle.

I think there are a few people posting from China here…

28 JeffFX  Wed, Jan 30, 2013 7:37:03pm

re: #27 dragonath

I think there’s are a few posters from China…?

In which case, don’t block. The strategy is only useful if you don’t expect legit traffic from a country with a high percentage of scammers of hackers.

29 dragonath  Wed, Jan 30, 2013 7:37:38pm

Now, Canada… block away!

30 JeffFX  Wed, Jan 30, 2013 7:39:58pm

re: #29 dragonath

Now, Canada… block away!

With their flopping heads and Celene Dion!

31 Feline Fearless Leader  Wed, Jan 30, 2013 7:40:19pm

re: #9 FemNaziBitch

teehee, the last corporation I worked for was so far behind, they still had a generic password for most company systems that even low level cashiers, like me, accessed. Then they changed it to a personal logon. Then they made you change it every month. Man, people bitched about that last change.

ggt just shook head.

A fun effect I have seen at two corporations with older computers mixed into their network are rules limiting password length to something like eight. Much easier to attack.

[Link: xkcd.com…]

Since I do app security I have conversations all the time with people about password requirements, resetting them, and handling the need for logging onto multiple applications, networks, etc. (Users love single sign-on, security people hate it.)

32 Feline Fearless Leader  Wed, Jan 30, 2013 7:41:37pm

re: #16 Dark_Falcon

In high security areas, yes. One good way to protect a high security area is to keep low level people out of it. Give the jobs of monitoring the robots to veterans who learned how to control robots in Iraq and Afghanistan and pay them properly for their work. That will improve security.

Or put a nice interface on the front-end for the cleaning drones that emulates Skyrim. Taking out mobs is emptying out trashcans.
;)

33 jamesfirecat  Wed, Jan 30, 2013 7:41:51pm

re: #29 dragonath

Now, Canada… block away!

////But what would we do for fun if we didn’t have Buck to argue with?

34 b_sharp  Wed, Jan 30, 2013 7:42:14pm

re: #29 dragonath

Now, Canada… block away!

hey!

35 b_sharp  Wed, Jan 30, 2013 7:43:02pm

re: #30 JeffFX

With their flopping heads and Celene Dion!

I’m surrounded.

36 HappyWarrior  Wed, Jan 30, 2013 7:43:18pm

re: #34 b_sharp

hey!

Can we make you a honorary American? :D

37 dragonath  Wed, Jan 30, 2013 7:43:20pm

Face it, half the country speaks French and your prime minister has the facial expression of a beached shark.

38 b_sharp  Wed, Jan 30, 2013 7:44:05pm

re: #36 HappyWarrior

Can we make you a honorary American? :D

Sure.

39 b_sharp  Wed, Jan 30, 2013 7:44:29pm

re: #37 dragonath

Face it, half the country speaks French and your prime minister has the facial expression of a beached shark.

Our PM is a beached shark.

40 HappyWarrior  Wed, Jan 30, 2013 7:49:58pm

re: #38 b_sharp

Sure.

Shit, I wasn’t expecting a yes. Uh have some apple pie and enjoy the baseball game.

41 NJDhockeyfan  Wed, Jan 30, 2013 7:52:54pm

What are the chances that some of the computers built in China come with factory installed malware before they are shipped out?

42 FemNaziBitch  Wed, Jan 30, 2013 7:53:02pm

ROE V. WADE did not affect birth rates, what it did affect is Maternal Mortality rates. Take the time to watch.

43 b_sharp  Wed, Jan 30, 2013 7:54:28pm

re: #40 HappyWarrior

Shit, I wasn’t expecting a yes. Uh have some apple pie and enjoy the baseball game.

Can I have pumpkin instead?

44 Dark_Falcon  Wed, Jan 30, 2013 7:55:07pm

re: #41 NJDhockeyfan

What are the chances that some of the computers built in China come with factory installed malware before they are shipped out?

Possible, but that’s a problem that can be guarded against: Build only components in China and install all software (including the operating system) in the US.

45 b_sharp  Wed, Jan 30, 2013 7:55:35pm

re: #41 NJDhockeyfan

What are the chances that some of the computers built in China come with factory installed malware before they are shipped out?

Dual BIOS? Pretty good chance I think.

46 NJDhockeyfan  Wed, Jan 30, 2013 7:59:25pm

re: #45 b_sharp

Dual BIOS? Pretty good chance I think.

That’s what I was thinking but I figure the smart geeks would know the right answer. .

47 Dark_Falcon  Wed, Jan 30, 2013 7:59:36pm

re: #43 b_sharp

Can I have pumpkin instead?

Sorry, but that’s only in the fall. We do have some raspberry pie available, also cherry and pecan pie. ;)

48 ReamWorks SKG  Wed, Jan 30, 2013 7:59:39pm

So that’s why all their editorials seem to be commie propaganda!

//

49 ReamWorks SKG  Wed, Jan 30, 2013 8:02:25pm

re: #12 Charles Johnson

LGF may not be the New York Times, but when I look at our access logs I see an astounding number of hack attempts originating in China.

And for good reason! If they can put a “drive by” exploit on a popular blog, they can infect a lot of websites. A lot of stale but otherwise legit Wordpress and other PhP sites get hacked so an exploit can be uploaded in the form of a file format exploit or java app and infect machines.

50 b_sharp  Wed, Jan 30, 2013 8:04:20pm

Time for this sick old Canuck to hit the hay.
Night folks.

51 NJDhockeyfan  Wed, Jan 30, 2013 8:06:47pm

Is it possible to return some sort of a Stuxnet present back to the computers that are hacking?

52 Dark_Falcon  Wed, Jan 30, 2013 8:16:32pm

re: #51 NJDhockeyfan

Is it possible to return some sort of a Stuxnet present back to the computers that are hacking?

That would be technically possible, but you’d be targeting Windows based PCs in most cases. If your virus got out of control it could become the computer equivalent of Captain Tripps.

53 Robert O.  Wed, Jan 30, 2013 8:17:14pm

Since LGF has nothing to do with China, and has never expressed any interest about China, I am guessing the only motivation to attack LGF server(s) is to use them as staging points for attacks on other sites that are of interest to the hackers?

54 Robert O.  Wed, Jan 30, 2013 8:19:13pm

When I was at university, the system administrator for my research group said that most attacks against us originated either from China or Israel. I took it that China may have interest in stealing research data (I was at an elite US university). I inquired about Israel, and the administrator said it was bored kids who downloaded hacking software and were testing their “skills.”

55 ProBosniaLiberal  Wed, Jan 30, 2013 8:20:41pm

re: #53 Robert O.

This just proves my point about China.

Time for punitive measures, and for us to cut the umbilical cord between us.

Raise Taxes, to pay off debt, and start working on ways to undermine China. Tibetans and Uyghurs maybe a place to start.

Also, end Students Visas to China. At the very least.

56 FemNaziBitch  Wed, Jan 30, 2013 8:22:00pm

re: #55 ProBosniaLiberal

This just proves my point about China.

Time for punitive measures, and for us to cut the umbilical cord between us.

Raise Taxes, to pay off debt, and start working on ways to undermine China. Tibetans and Uyghurs maybe a place to start.

Also, end Students Visas to China. At the very least.

I think that time as past. We need to accept that the future is here and China is it

57 HappyWarrior  Wed, Jan 30, 2013 8:24:14pm

re: #55 ProBosniaLiberal

This just proves my point about China.

Time for punitive measures, and for us to cut the umbilical cord between us.

Raise Taxes, to pay off debt, and start working on ways to undermine China. Tibetans and Uyghurs maybe a place to start.

Also, end Students Visas to China. At the very least.

I think isolating China will only make things worse IMO. There are no easy answers or solutions though.

58 Robert O.  Wed, Jan 30, 2013 8:26:45pm

re: #55 ProBosniaLiberal

…except it really doesn’t work that way. A trade war hurts both sides engaging in it, whereas everyone else benefits. China can still trade with the rest of the world which represents 95% of total population and 80% of economic size.

Also, I don’t see how getting Tibetans and Uyghurs to agitate against China would be of benefit to the US. There are plenty of divisions within US society (deepening every year) that China can exploit. I see relations with China as frenemies. Tit-for-tat is okay so long as the situation is kept under control. Any action which leads to a Cold War-like stand off is going to be destructive for both sides.

59 ProBosniaLiberal  Wed, Jan 30, 2013 8:26:51pm

re: #57 HappyWarrior

China has collapsed in the past. We just need to find a way to push them over the edge. Historically, they have never been more than a Second-Class Power.

And believe me, a world led by China is not one I want to live under.

Whip up nationalistic fervor around China. Start promoting the stories of cruelty, malice, and treachery from their current government.

60 Mich-again  Wed, Jan 30, 2013 8:28:12pm

Chinese Hackers.. I think that term applies best to the folks in Beijing who have to breathe in all the air pollution.

61 ProBosniaLiberal  Wed, Jan 30, 2013 8:28:16pm

re: #58 Robert O.

I want China to pay for what they have done to the Uyghurs and Tibetans.

I loathe the PRC so goddamn much.

62 FemNaziBitch  Wed, Jan 30, 2013 8:31:20pm

re: #61 ProBosniaLiberal

I want China to pay for what they have done to the Uyghurs and Tibetans.

I loathe the PRC so goddamn much.

So, you are willing to ruin the world economy to satisfy your hate?

63 HappyWarrior  Wed, Jan 30, 2013 8:31:51pm

re: #59 ProBosniaLiberal

China has collapsed in the past. We just need to find a way to push them over the edge. Historically, they have never been more than a Second-Class Power.

And believe me, a world led by China is not one I want to live under.

Whip up nationalistic fervor around China. Start promoting the stories of cruelty, malice, and treachery from their current government.

I don’t think any of us wants to live in that world either but the old adage be careful of what you wish for applies here. An unstable China could be more dangerous than the status quo. I don’t blame you for loathing their government. It’s one of the most tyrannical ones in the world but China spliterred may not necessary be the best thing either. Breaking up the USSR hasn’t done away with tyranny and cronyism in Russia for example. That said, I’d love to see the Chinese people have real representative democracy one day but that’s a long way away.

64 Dark_Falcon  Wed, Jan 30, 2013 8:35:16pm

re: #59 ProBosniaLiberal

China has collapsed in the past. We just need to find a way to push them over the edge. Historically, they have never been more than a Second-Class Power.

And believe me, a world led by China is not one I want to live under.

Whip up nationalistic fervor around China. Start promoting the stories of cruelty, malice, and treachery from their current government.

PLL, don’t propose ideas likely to result in major wars. Such wars always do immense damage to humanity and are best avoided.

Remember also that there are many people in the US of Chinese origins. They would take that kind of hostility as bigotry against them, and such a policy would likely spawn such bigotry, given the flaws of human nature.

65 HappyWarrior  Wed, Jan 30, 2013 8:41:16pm

To latch back on to the subject of isolation. Consider North Korea. Probably the most isolated country in the world and I don’t think it’s a coincidence it’s one of the most tyrannical. Making a country into an effective autarky I think only makes things worse. You want to encourage pro-Democratic movements in these countries? Fine, I’m all aboard but I’m not for overt attempts to disrupt the economy of a huge player on the global economic market. And sorry to continue on this but I’ll use China itself as an example here and I hate to praise Nixon but China was a lot worse than it is now(I know hard to imagine) before Nixon and Kissinger did what they did. The worst excesses of Mao Zedong took place before trade was opened up. Now, China still has a looooooong way to go but I don’t think isolating dictatorships is smart policy.

66 Mich-again  Wed, Jan 30, 2013 8:50:18pm

We need China if for no other reason than the fact that they supply the entire free world with rare earth metals. Someday the huge rare earth mines in Afghanistan will come online and then China will come down a notch. But not till then.

67 Dark_Falcon  Wed, Jan 30, 2013 9:19:29pm

re: #66 Mich-again

We need China if for no other reason than the fact that they supply the entire free world with rare earth metals. Someday the huge rare earth mines in Afghanistan will come online and then China will come down a notch. But not till then.

We can mine rare earth metals here in the US and we should start doing so again.

68 HappyWarrior  Wed, Jan 30, 2013 9:31:58pm

re: #67 Dark_Falcon

We can mine rare earth metals here in the US and we should start doing so again.

Fine by me if mining companies accept that those miners will need a strong union.

69 austin_blue  Wed, Jan 30, 2013 9:33:30pm

re: #55 ProBosniaLiberal

This just proves my point about China.

Time for punitive measures, and for us to cut the umbilical cord between us.

Raise Taxes, to pay off debt, and start working on ways to undermine China. Tibetans and Uyghurs maybe a place to start.

Also, end Students Visas to China. At the very least.

Pfft. I want the brightest Chinese students to study here and stay here to start new businesses and be the next Sergei Brin. I want to rob China of their best and brightest.

70 Chrysicat  Wed, Jan 30, 2013 9:39:39pm

re: #67 Dark_Falcon

And the fact that such mining makes the despoliation of open-pit coal mining look good?

Can we really afford having half the country look like West Virginia?

71 LWNJ  Wed, Jan 30, 2013 9:54:27pm

re: #69 austin_blue

Pfft. I want the brightest Chinese students to study here and stay here to start new businesses and be the next Sergei Brin. I want to rob China of their best and brightest.

This. Bright Chinese students (and the competition is so fierce that only the brightest generally get here) are strongly motivated to stay once they’re here. Not always, of course… but often.

72 wheat-dogghazi  Thu, Jan 31, 2013 1:37:21am

re: #27 dragonath

Yeah, like me. I’ve been vacationing and haven’t been online much the last 10 days. To my surprise, I can access LGF from where I am in Guangdong.

73 JeffFX  Thu, Jan 31, 2013 10:51:12am

re: #69 austin_blue

Pfft. I want the brightest Chinese students to study here and stay here to start new businesses and be the next Sergei Brin. I want to rob China of their best and brightest.

I’d like to see China’s best and brightest stay and reform their country. A very large percentage of the world population depends on the Chinese government.

74 hellosnackbar  Thu, Jan 31, 2013 3:26:55pm

One wonders whether the Chinese systems are being hacked by the CIA.
If they’re not then they should be.
What Charles has revealed demonstrates intelligence gathering of contributers to this blog!
The nosy bastards!


This article has been archived.
Comments are closed.

Jump to top

Create a PageThis is the LGF Pages posting bookmarklet. To use it, drag this button to your browser's bookmark bar, and title it 'LGF Pages' (or whatever you like). Then browse to a site you want to post, select some text on the page to use for a quote, click the bookmarklet, and the Pages posting window will appear with the title, text, and any embedded video or audio files already filled in, ready to go.
Or... you can just click this button to open the Pages posting window right away.
Last updated: 2023-04-04 11:11 am PDT LGF User's Guide RSS Feeds

Help support Little Green Footballs!

Subscribe now for ad-free access!Register and sign in to a free LGF account before subscribing, and your ad-free access will be automatically enabled.

Donate with
PayPal Cash.app
Recent PagesClick to refresh
Texas County at Center of Border Fight Is Overwhelmed by Migrant Deaths EAGLE PASS, Tex. - The undertaker lighted a cigarette and held it between his latex-gloved fingers as he stood over the bloated body bag lying in the bed of his battered pickup truck. The woman had been fished out ...
Cheechako
Yesterday
Views: 86 • Comments: 0 • Rating: 0