The New York Times has concluded an IT Security investigation lasting 4 months, uncovering a slew of persistent cyber attacks that have pulled employee passwords and granted full access to sensitive files. The investigation was launched after cyber attacks were reported in late October following a report on China’s prime minister, Wen Jiabao, who’s relatives have amassed a considerable fortune as a result of ‘business dealings’.
The results of the Security sweep yielded evidence of Chinese Hackers utilized methods associated with the Chinese military. Among the Email accounts that were compromised was Shangai bureau chief David Barboza, who wrote the reports on the prime minister’s relatives as well as the former bureau chief in Beijing. According to Jill Abramson, executive editor of the Times, “…no evidence that sensitive e-mails or files from the reporting of our articles about the Wen family were accessed, downloaded or copied.”
The attacks were masked through the infiltration of computers at United States universities, routing their efforts through them, according to Mandiant, the security firm hired by The Times. This M.O. matches the majority of attacks traced back to China. In addition, the attacks originated from the same university computers used by the Chinese military to attack U.S. military contractors previously. In total, 53 employees personal computers were compromised.
China’s Ministry of National Defense has already issued a statement, concluding that “to accuse the Chinese military of launching cyber attacks without solid proof is unprofessional and baseless.” Security experts and foreign policy experts are saying that the increasing number of cyber attacks traceable to China in the past year hints at an intelligence-gathering agenda aimed at both censoring China’s public image and possibly obtaining trade secrets.