AT&T, security firm thwart Chinese hacker attack on New York Times’ networks

Tools

AT&T (NYSE: T) and Mandiant, a network security provider, stopped Chinese hackers attacking The New York Times' networks recently, the newspaper reported.

Following four months of attacks, the Times and its network partners AT&T and Mandiant say they have rid the hackers from the network and put in elements to prevent new attacks from ocurring.  

The attacks, explained the newspaper, began after article was published on Oct. 25 that said the relatives of Wen Jiabao, China's prime minister, had become wealthy during his tenure.

On Oct. 24, Chinese government officials told the Times that its investigation of Wen's relative's financial situation would "have consequences."

The Times then told AT&T, which monitors the newspaper's network, to look out for anything unusual.

When the article about Jiabao's relatives was published online on Oct. 25, AT&T told the Times that it had "noticed behavior that was consistent with other attacks believed to have been perpetrated by the Chinese military."

By installing malware on The Times' networks, the Chinese hackers were able to get access to any computer on the newspaper's network. AT&T and Mandiant said the malware was traced by back to attacks that began in China. Interestingly, the attacks were launched on the same computers the Chinese military used to attack U.S. military contractors in previous years.

Mandiant said in an intelligence report prepared for various clients in December, including the Times, that several investigations illustrated that Chinese hackers got access to "e-mails, contacts and files from over 30 reporters and executives at Western-based news organizations."

However, the Times isn't the only organization that's fallen victim to hackers. The U.S. Chamber of Commerce reported a network security breach in 2011. Although it took efforts to seal the issue, it later found out that a thermostat in a corporate apartment and a printer were still talking to computers in China.

China has become a hotbed of cyberattack activity in recent years. According to Akamai's State of the Internet report, about one-third of the world's cyberattack traffic in Q3 2012 originated in China.

For more:
- The New York Times has this article

Related articles:
Week in research: China tops cyberattack study; CIOs' role will change

Filed Under
fathers