In the Line of Fire: The Press Gets Hacked

Amy Larsen DeCarlo

Summary Bullets:

  • Press organizations, including The New York Times and The Wall Street Journal, strongly suspect that Chinese hackers infiltrated their networks looking for information on news sources and research.
  • These attacks – and private sector incidents – underscore the increasing prominence of politically, ideologically, and revenge-driven attacks in the threat environment.

2013 is starting where 2012 left off, with ideologically and politically motivated attacks making headlines, and in the case of a few recent high-profile breaches, making the news outlets that write those headlines extremely anxious.  The New York Times, The Wall Street Journal, and a number of other press organizations have publicized their own battles against what they suspect are politically backed hackers who have successfully breached their networks in search of data gathered on sources that exposed government scandals.  Though its government has denied any involvement, China specifically has been named for the role that attackers suspected or accused of acting on its behalf have played in hacking into journalists’ files in search of information used in articles on corruption and other political issues in China.

In The New York Times’ case, through its security providers Mandiant and AT&T, the press organization discovered that China-based hackers had taken e-mails, contact information, and files from more than two dozen journalists and executives at Western news organizations.  The hackers also reportedly kept a record of the journalists they were monitoring.  Other press organizations dealt with similar attacks.

The high-profile nature of the breached organizations highlights this set of attacks.  However, what might be most notable about these types of highly targeted attacks is just how common they are becoming and the diverse nature of the organizations attacked.  In its 2012 Infrastructure Security Report, released in late January 2013, distributed denial of service (DDoS) mitigation technology vendor Arbor Networks found that the top three drivers for DDoS attacks are politics, ideology, and revenge.  Judging from the attacks against the news organizations, these motivations extend beyond DDoS.

So, now essentially any organization that possesses data of a sensitive nature might find itself in the crosshairs of a cyber attacker.  This extends to high-profile entities that might be attractive targets to hackers looking to embarrass or avenge a perceived wrongdoing.  Given that this increased risk could apply in theory to almost any organization, all enterprises need to reassess their security posture and reconsider their defenses.  Have incidents in the last few months caused you to re-evaluate your strategies?  If you have, what changes are you considering?

About Amy Larsen DeCarlo
As Principal Analyst for Security and Data Center Services at Current Analysis, Amy assesses the managed IT services sector, with an emphasis on security and data center solutions delivered through the cloud including on demand application and managed storage offerings.
