In the wake of news that the New York Times‘ computer networks were infiltrated by Chinese cyber spies, three more news organizations have reportedly had their networks infiltrated as part of what is being described as a broad campaign of espionage targeting American media companies.
The Wall Street Journal reports that its networks were infiltrated, “apparently to monitor its China coverage.” The Journal also quotes a spokeswoman for Thomson Reuters PLC saying the Reuters news service was hacked twice last year.
Today, security journalist Brian Krebs reports that the Washington Post was hit, as well. According to a former Post information technology employee, Krebs reports:
“[A]ttackers compromised at least three servers and a multitude of desktops, installing malicious software that allowed the perpetrators to maintain access to the machines and the network.
“They seemed to have the ability to do anything they wanted on the network. ‘They transmitted all domain information (usernames and passwords),’ the former Post employee said on condition of anonymity. ‘We spent the better half of 2012 chasing down compromised PCs and servers. [It] all pointed to being hacked by the Chinese. They had the ability to get around to different servers and hide their tracks. They seemed to have the ability to do anything they wanted on the network.'”
Security companies and government investigators responded to the breach, Krebs reports. And in a move that is sure to raise eyebrows in the Post newsroom, particularly among reporters covering national security and cyber espionage, “experts from the National Security Agency and Defense Department took one of the Post’s servers for forensic analysis.”
Krebs doesn’t say whether the FBI was involved with the Post investigation. Presumably the bureau would have the lead in a case such as this. The Defense Department has the biggest and arguably most sophisticated computer forensics agency in the government, but the FBI has that capability, as well. It’s not immediately clear why DOD agencies would take the computer equipment. But the DOD could be assisting the FBI.
