The New York Times says Chinese hackers have repeatedly launched cyber attacks against its website and journalists in the four months since the paper angered Beijing by posting an article exposing the wealth of a senior politician.
In a detailed report published on Thursday, January 31, the newspaper said hackers used tactics known to be employed by the Chinese military to break into its network and steal the email passwords of several senior reporters and other employees.
The paper said the attacks began about the same time it published a blockbuster October story detailing $2.7 billion allegedly accumulated by the family of outgoing Chinese Premier Wen Jiabao.
At the time, China reacted angrily to the story, which threatened the reputation of a leader known for his clean image. It immediately blocked the Times’ English and Chinese websites and threatened unspecified “consequences” for the story.
On Thursday, foreign ministry spokesperson Hong Lei called the hacking charges “irresponsible” and “baseless.”
“According to some investigative results, which showed no proof and had uncertain evidence and a baseless conclusion, China had participated in online attacks,” said Hong. “That is a totally irresponsible conclusion. China is also a victim of online attacks. China’s laws clearly ban online attacks.”
The Times says the hacking attempt was discovered, in part, by Mandiant, a computer security company, which alerted the Times to the cyber attacks just one day after the Wen Jiabao article was published.
The paper does not know how the hackers broke into its network, but it suspects they used an email to employees containing malicious links or attachments. It says they were soon able to steal the corporate passwords for “every Times employee.”
The hackers then used the passwords to access dozens of employees’ personal computers, with the apparent aim of finding the sources of information for the article. It says the primary target was Shanghai bureau chief David Barboza, who wrote the article.
Jill Abramson, executive editor of the Times, said hackers were not able to access sensitive emails or files from the article on Wen, which relied on publicly available records such as corporate documents. The paper also said no customer data was stolen.
The paper said when Mandiant security officials became aware of the attack, they allowed the hackers to “spin a digital web” for four months in an effort to discover their identity. The investigation showed that hackers tried to conceal their activities by routing their attacks through computers at universities in the United States. They also tried to hide their location by continually switching IP addresses, a code that identifies computers on a network.
Other details suggested that the source of the attacks was China. The paper said hacker teams regularly attacked the system beginning at 8 a.m. Beijing time, continuing for a standard work day.
According to published reports, Chinese hackers have conducted a growing number of attacks against foreign companies and government institutions in recent years, leading a recent U.S. congressional report to call China the “most threatening actor in cyberspace.”
Although the attacks are difficult to trace to a specific source, many suspect the hackers are targeting overseas business, media, political and security institutions at the direction of, or with the permission of, the Chinese government or military.
Recent data suggests the problem is only getting worse. A quarterly report last week from Akamai Technologies found that global cyber attacks originating from China more than doubled in the third quarter of 2012, compared to the previous three months. The study suggests that one-third of all cyber attacks now come from China.
Washington officials in recent months have warned of the dire threat posed by foreign computer hackers, including those in China. This week, the Pentagon moved to address those threats, increasing the size of its cyber security force by more than 4,000 people, up from the current 900.
The move comes just weeks after Defense Secretary Leon Panetta warned that the U.S. faces the possibility of a “cyber Pearl Harbor” attack that could disrupt the country’s power grid, transportation system and financial networks.