Washington Post: We Were Also Hacked By the Chinese
tsu doh nimh writes "A sophisticated cyberattack targeted The Washington Post in an operation that resembled intrusions against other major American news organizations and that company officials suspect was the work of Chinese hackers, the publication acknowledged on Friday. The disclosure came just hours after a former Post employee shared information about the break-in with ex-Postie reporter Brian Krebs, and caps a week marked by similar stories from The New York Times and The Wall Street Journal. Krebs cites a former Post tech worker saying that the publication gave one of its hacked servers to the National Security Agency for analysis, a claim that the Post's leadership denies. The story also notes that the Post relied on software from Symantec, the same security software that failed to detect intrusions at The New York Times for many months."
Yea. Me Too. (Score:3, Insightful)
I need some attention too!
What I have derived from this past week's revelations.
1. The Chinese have no problem gaining access to whatever computer networks they wish to.
2. They seem to be most interested in themselves, kinda like creeping other people's Facebook to see what they say about you.
3. So far, they haven't found anything worth their time.
4. Organizations seem to feel that since they discovered something on their networks, they have discovered everything on their networks.
5. Fail.
The Onion says Me Too, too! (Score:3)
The Onion, America's Finest News Source, recently posted an article saying they'd also given all their passwords to the Chinese.
Re:Yea. Me Too. (Score:4, Funny)
NPR had a great story on this yesterday, but since you most news is propaganda, you must ask these ignorant questions.
Your ignorance breeds unto itself.
Re: (Score:2)
You make excuses for your ignorance by claiming sources are false, when they have repeatedly been proven.
Instead you let someone else filter your information, forming your opinion for you.
Let's hope you never make a major life decision that will affect others.
Re: (Score:3, Insightful)
Well someone said so anyway. I guess you got it from newsclown.
I've heard enough verifiable bullshit over the years from NPR to see that it's just an ad agency for aging hippies.
Re: (Score:2)
Where can I find this newsclown? Can I get a deposit back on mine?
Re: (Score:2)
Re:Yea. Me Too. (Score:5, Interesting)
These newspapers have been reporting embarrassing things. Like members of the Communist Party and their family members have vast wealth – implying that this wealth is coming from inside contacts and use (or abuse) of official power. The Communist Party would be interested in who is leaking the details.
Re: (Score:2)
So, why can't they use a stolen credit card number to get to the premium/pay stories?
Doesn't add up.
Re:Yea. Me Too. (Score:5, Insightful)
You're missing the point. The fact is that somebody is hacking into the paper to figure out who the journalist's sources are.
So, it's not the average Chinese citizen trying to read the paper – it's about finding who the journalists are, what their sources are, etc – the stuff a government would need to harass and shut down the people who are leaking the data.
Re: (Score:2)
Ahh, that's better, an actual answer rather than the newsclown defense league.
Now it would be funny to find the newspapers hacked China...
Re: (Score:2)
Define “Hack”. Are not investigative journalists supposed to investigate? Unearth buried and unpleasant truths? Being a “hack” used to be slang for being a journalist. A low class one interested in sensationalist stories, but still...
Re: (Score:2)
I'm still waiting for computer savvy newsclowns, they seem to still be stuck on the tubes and pipes thing.
Re: (Score:1)
U.S. Defense Secretary Warns of a Possible 'Cyber-Pearl Harbor' [slashdot.org].
So, no, it's simple. The USA declared "Cyber War" on the USA so some "attacks" are required to be reported. These don't have to be real though, just reported.
Re: (Score:1)
Re: (Score:2)
I'm going to guess they mostly came up empty-handed. I doubt reporters would keep such information on the Post's systems -- either because they're technophobic, or paranoid that someone else at the post would steal their sources, or perhaps in a few cases worried about the US government subpoenaing the information.
Wen Jiabao has $2 billion? (Score:1)
The Premier of the PRC managed to sock away $2 billion in various banks, including the US banks, in violation of anti-corruption laws in China and the US. All the while, the average rural Chinese family cannot afford medical care or education and still works for coolie wages in this Communist paradise. Do you think this might be embarrassing to the Communist Party? They are not hacking to fix the problem. They are hacking to find out who squealed.
Re: (Score:3, Insightful)
You are assuming it was the Chinese government. So far I have not seen a shred of evidence to support that. There is some circumstantial evidence that the attacks may have originated from China, possibly.
It would actually make a lot more sense if it were hackers hired by the politician who has been the subject of these embarrassing stories. Of course it might just be the Chinese equivalent of Anonymous.
Re:Yea. Me Too. (Score:4)
You are assuming it was the Chinese government. So far I have not seen a shred of evidence to support that. There is some circumstantial evidence that the attacks may have originated from China, possibly.
It would actually make a lot more sense if it were hackers hired by the politician who has been the subject of these embarrassing stories.
OK, did I just read your whole comment to learn that you think there's not "a shred of evidence" that it was the government, but instead you believe it was hackers hired by the government? I think I can smell my brain dying.
Of course it might just be the Chinese equivalent of Anonymous.
Do you have any idea how things work in China? Just think for a minute: Great Firewall of China, ring any bells? Go find some bandwidth statistics and see how hard it is for the Chinese to get access to fast internet connections, compared to places like South Korea or Japan. And if there really were some underground internet hacker movement composed of individuals in China -- and there isn't -- why on Earth would they attack Western newspapers, which mostly tell the truth, and not their own newspapers, which never do?
Re: (Score:2)
OK, did I just read your whole comment to learn that you think there's not "a shred of evidence" that it was the government, but instead you believe it was hackers hired by the government? I think I can smell my brain dying.
A politician acting for themselves is not the same as the state deciding to sanction something. When a US politician goes to jail that doesn't mean that the government committed a crime or endorsed his behaviour.
Re:Yea. Me Too. (Score:5, Insightful)
This is China - the lines between government, party, industry, and politician are a bit blurred. For example, IIRC, the Army reports to the party - not to the government. Elections are limited and managed. etc.
Re: (Score:2)
"the lines between government, party, industry, and politician are a bit blurred"
That almost sounds like a description of Japan, too!
Re:Yea. Me Too. (Score:4)
A politician acting for themselves is not the same as the state deciding to sanction something. When a US politician goes to jail that doesn't mean that the government committed a crime or endorsed his behaviour.
OK, my guess was right. You really don't understand how things work in China. My recommendation is that you go to the library, grab back issues of some reputable news source (The Economist might be a good place to start) and read up on everything you can find about the last Chinese national election. Along the way you'll learn a lot about how free Chinese politicians are to act independently. (TL;DR - China ain't the US.)
Also, just think about what you're suggesting. This isn't some politician giving an order to have some hapless old man thrown in prison. That kind of thing happens all the time in China, and nobody ever hears about it. What you're saying, though, is that some lone politician, acting completely independently and on his own initiative, hired hackers to launch an attack on the two largest, most respected newspapers in the United States. Not even the largest companies -- the largest newspapers. Exactly how was this supposed rogue, lone wolf politician planning to cover up what he did?
Re: (Score:2)
So by your logic the US got a blowjob in the Oval Office.
The government is not one man, even in China. If this did happen and was ever proven he would be forced out at the very least, if not prosecuted, even in China.
I think you need to do some reading about China. My girlfriend is Chinese as it happens, so I have some interest in this subject. There is corruption and lawbreaking, but the official policy is to clamp down on it. It will be ignored until it can no longer be ignored (because incontrovertibl
Re: (Score:2)
There is corruption and lawbreaking, but the official policy is to clamp down on it.
Oh, why didn't you tell us? There's a policy against it? Then surely it never happens. /eyeroll
Re: (Score:2)
The government is not one man, even in China. If this did happen and was ever proven he would be forced out at the very least, if not prosecuted, even in China.
OK, now I think you're intentionally being thick.
Let's recap: You are the one suggesting that this was the work of one man, acting alone. I am the one telling you that this is virtually impossible, and an attack of this kind would never be done without official government sanction. So explain to me what your new argument is now, because you sure as hell sound like you're making my point for me.
I think you need to do some reading about China. My girlfriend is Chinese as it happens, so I have some interest in this subject.
I bow before the superior intellect, Khan.
It will be ignored until it can no longer be ignored (because incontrovertible proof is made public), at which point the powers that be will come down hard.
Yeah? And just when would that proof be made public. You mean the kind of
Re: (Score:2)
Your claim that it is "virtually impossible" is laughable. Apparently you missed all the attacks by small groups of hackers, up to and including the theft of 250,000 Twitter account details a few days ago.
I bow before the superior intellect, Khan.
You really are a dick, aren't you?
You mean the kind of "made public" like when the newspapers you attacked run stories about it and the entire world knows about it?
So they both have motivation to prevent that happening. What is your point again?
I can tell logic and reading comprehension are not your strong points.
Re: (Score:2)
Devil's Advocate, and tinfoil hat time: How do we know this isn't a sophisticated false flag operation, by our own government? This could be exactly what is needed to try convince the public to support new over-reaching laws giving the government much more control over our Internet. Watch closely any new bills or regulations that follow this.
Re: (Score:2)
Re: (Score:2)
Yeah, if I were hacking some foreign state I'd be sure to start bang on 8:00 local time, just in case they didn't get the hint that it was my country doing it.
Re: (Score:2)
Re: (Score:2)
"What could they possibly want with the newspapers?
They don't control anything of value.
Most of the news is bullshit and propaganda. (probably less than in China, tho)
Are they trying to insert their own journalism? (as if anyone would notice)"
Think.
They are attempting to find and punish---extremely severely---any sources who gave information to the reporters. They are threatening the reporters. They are threatening the newspapers who publish information critical of the regime's power.
Re: (Score:2)
LOL, I defy them to carry out any threats to newsclowns!
Go on take your best shot! Buncha sissy Chinese hackers! Go on, I dare you!
Re: (Score:3)
Re: (Score:2)
Hey N.Y.Times and Wash. Post journalists are lucky. Send them! Dunno about the luck of the WSJ guys though, wouldn't they be too rich to be journalists if they were? But fair is fair, send them too!
Re: (Score:2)
Re: (Score:2)
Added Bonus: Exhumed remains of Hearst
Re: (Score:2)
Attack details? (Score:4, Interesting)
Has anyone seen any details on how to detect this specific method of attack, malware signatures, or similar? Cause that just might be of use, seeing the widespread nature of this.
Also, who hasn't been attacked? Bueller? Bueller?
Re: (Score:1)
I know a newspaper from a small Kansas town that hasn't been attacked. It's produced by an 80-year-old man with his mechanical typewriter. Maybe these major American news organizations could learn a thing or two from him.
Re:Attack details? (Score:4, Funny)
I know a newspaper from a small Kansas town that hasn't been attacked. It's produced by an 80-year-old man with his mechanical typewriter. Maybe these major American news organizations could learn a thing or two from him.
William Allen White?
--
It's all Post facto.
Re:Attack details? (Score:4, Interesting)
As for malware signatures, they've been increasingly ineffective for years. Attackers can buy AV as well, and it's easier for them to tweak their software to evade AV than it is for defenders to generate new signatures. AV's very good at protecting you from yesterday's attack. If you don't have a signature though, it usually takes months to identify a subverted host.
Re:Attack details? (Score:5, Interesting)
The Post doesn't seem to officially be divulging details. Sure, they're reporting on it now that the word is out through a former employee's blog citing an unnamed former employee (neither of those people are me) as a source, but the article actually has a Post spokesperson denying one of the claims of the article (that the Post handed over one of its servers to the NSA for study). This isn't the paper contradicting itself – it's what ethics look like in practice at a good newspaper. The paper can report on itself even when the top brass don't want to.
However, in the New York Times story on its own intrusion, it was stated that AT&T "monitors" the company's network and noticed unusual traffic patterns. AT&T alerted the Times, who asked them to keep an eye on it, and then brought Mandiant in to consult.
Going back to The Post's story, the company's claim that it did not turn over a server to the NSA casts the issue of China hacking U.S. newspapers in a new light... if you read between the lines. Newspapers (especially The Post and The Times) see themselves as a fiercely-independent check on the government. Watergate-era readers would be as appalled at the idea of The Post handing over servers to the NSA as MacWorld attendees were in the 90s at seeing Bill Gates's face on screen during Jobs's speech. From a PR perspective, it just looks wrong. China might actually do more to harm these papers by getting them to run into the arms of the U.S. government. It's one thing to think China may have found out you're talking to a reporter... Quite another to think both the U.S. and China may later discover you were the anonymous source for a story they didn't want out. It's unlikely that the NSA is rooting around the server looking for political whistleblowers, but the idea of it has a chilling effect on potential sources who think of The Post as the institution that protected Deep Throat's identity for decades, at great risk to itself.
Re: (Score:3)
This brand of cynicism is dull, and it creates its own form of self-fulfilling ignorance.
If nothing you see in the media is true and every journalist is a puppet of either advertisers or the government, then where do you get your news from, exactly?
There is only one possible answer, and that is: You make it up. You hear what people tell you, decide you're going to believe the opposite, and then you go around railing on the news for not saying what you believe.
In other words, you are a dolt.
Re: (Score:1)
Two consulate attacks happened on the same day, one by a protesting mob and one by ex-rebel fighters with al Qaeda ties. This is in addition to many other mobs that gathered to protest the anti-Islam video produced in the US. The attack was quick and I don't believe any of them identified themselves to allow it to be radioed back. There was confusion I'm sure, and the special mission in Benghazi and elsewhere should have had more security. It's a story, but I'm not sure it's as big as you've made it out to
Re: Attack details? (Score:2)
Hillary was talking about the immediate aftermath, not categorization in general.
In other news, ... (Score:1)
Let's just list the companies that have been verified not to have been attacked by the Chinese.
I figure... (Score:4, Insightful)
Symantec has probably been hacked by the Chinese too...
Conspiracy theory (Score:1)
Re:The Chinese, such ingenious hackers (Score:4, Insightful)
Why is obscuring the origin of their attacks their intent? Perhaps being tracked to China is one of the points of it.
It's like poisoning a dissident with polonium: the unmistakable message of "don't fuck with Putin".
Did they also hack Slashdot? (Score:5, Funny)
How is this not an act of war? (Score:4, Insightful)
I'm curious why repeated attacks "by the Chinese" have invoked no response from the government? It seems odd that we have US Companies being attacked on US soil and there's not even a peep about it.
I'm not saying bomb people but this seems.....weird...
Re: (Score:3, Interesting)
Re: (Score:3)
Re: (Score:1)
Re:How is this not an act of war? (Score:4, Insightful)
Because...
(a) We can't be sure the attack originated in China, it could have simply been proxied through there (there are plenty of vulnerable Chinese systems).
(b) Even if it was, we can't prove it was organized by the Chinese government (there are plenty of non-state hackers in plenty of countries).
(c) Even if it was, lots of governments engage in low-level espionage (including your own) without significant diplomatic repercussions.
Gathering intelligence isn't typically considered an "act of war" unless it is seen as a prelude to invasion or otherwise causes physical harm.
If it was, intelligence agencies would have started World Wars 3 through 17 by now.
Re: (Score:1)
You forgot about the part where the current administration tends to minimize most things that would be considered "egg on the face" of any other administration. Most people will never know about this, and they definitely should.
They've got the media in their pockets, and they know it.
They've got most of *you* in their pocket, and we know it.
Let the illogical defending begin. Always fun to watch on slashdot.
Re:How is this not an act of war? (Score:4, Insightful)
(a) We can't be sure the attack originated in China, it could have simply been proxied through there (there are plenty of vulnerable Chinese systems).
...which were associated with Chinese military? These weren't random machines. The proxies the Chinese used were random machines in the US, and the attacks were traced back to machines associated with the Chinese govt. This has happened many times in the past, and we know of large Chinese military units engaged in cyber warfare. How many attacks like this have to happen before people realize what kind of war we are in?
Re:How is this not an act of war? (Score:5, Insightful)
Those of us who have traced APT through a few proxies (typically only one) back to a large building owned by various Chinese government agencies can assure you that a very large scale industrial espionage program is underway, with occasional sidelines into attempting to trace methods and sources. There are mountains of evidence, most of it fed into shredders under the instruction of corporate lawyers. And most US corporations are so dependent on deeply flawed Microsoft technologies and caught so deep in political games that most of the time they'd rather bury their head in the sand and ask subordinates to delete all evidence than actually do anything proper about it. IT is a cost center, and you can't demonstrate security ROI in a way that passes modern MBA scrutiny. All corporate divisions exist only to bump the stock price this quarter, which means we have to keep cutting cost and overhead. With few exceptions, investment is basically dead in the US corporate world.
Re: (Score:2)
If "IT is a cost center" then you're not doing it right.
Re: (Score:3)
How many attacks like this have to happen before people realize what kind of war we are in?
One in which nobody's died?
Re: (Score:2)
Re: (Score:2)
How many attacks like this have to happen before people realize what kind of war we are in?
You don't feel good if you don't define a situation as being "at war", don't you?
Re: (Score:2)
Re: (Score:2)
(perhaps I should have replied to the OS24Ever OP) I'm a bit sick of the "being at war" ethos. In which:
* every attack is categorized as "being at war", disregarding how harmless or serious the attack actually is (I'd see Aaron Swartz as a victim of such a mentality: from where else the need "to make an example of him"?)
* "war on concepts" are no longer just metaphors
Without being a symptom that's unique and defining the "disease", it is highly consistent with "former giants about to fall": inability to
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
I'm curious why repeated attacks "by the Chinese" have invoked no response from the government? It seems odd that we have US Companies being attacked on US soil and there's not even a peep about it.
I have three simple answers for you:
Re: (Score:3)
How do you know we're not doing anything about it?
Can someone remind me who wrote Stuxnet? (Score:2)
Can someone remind me who wrote Stuxnet? - and how is this any worse?
Re:Can someone remind me who wrote Stuxnet? (Score:4, Insightful)
One is trying to stop a religious dictatorship from making nuclear weapons.
The other is trying to intimidate people (and imprison them) who look into and talk about the corrupt financial shenanigans of a secular dictatorship.
If Stuxnet were directed at a German newspaper which printed a story about Dick Cheney's purloined billions, then it would be pretty comparable, but the U.S. government isn't actually going to do something like that, because, believe it or not, some of the people in charge of doing the operation might believe it to be immoral.
Re: (Score:2)
Re: (Score:2)
Do you think any response has to be overt - there is more than one way to apply pressure as FDR said sneaking softly sometimes means you don't have to use the big stick.
Wrong Roosevelt.
Re: (Score:2)
Re: (Score:2)
I'm curious why repeated attacks "by the Chinese" have invoked no response from the government? It seems odd that we have US Companies being attacked on US soil and there's not even a peep about it.
"Citizen, you want to be safe of intrusion? Well, it's mandatory everybody releases to us their private encryption key..."
Would you still want govt to step in?
Re: (Score:2)
Saying something and doing something are not the same thing. If the government is doing something, talking about it would quite likely be very dumb.
Re: (Score:1)
No citations but let's assume you're right.
When the US does that, Slashdotters never say "Well [somebody else] does it too. This is a non-story." Rather, most of us are righteously indignant and critical of such actions. Now, when [somebody else] indeed has done it, it seems the general consensus is "The US does it too. This is a non-story"
How about some consistency in standards?
Probability (Score:1)
Re: (Score:3)
Kinda strange... (Score:1)
So do those people really think that the Chinese are the first to hack into their servers?
Something tells me they don't actually reveal that Americans have been hacking into their servers for years as well, because they want to hype up the entire cyber-terrorism and warfare thing. You know, makes it easier for politicians to push through even more bills that kill off the internet.
Attack Vector(s)? (Score:1)
What, Security? (Score:1)
Golly, it's almost as if relying upon detection after the fact or at entry point is no real protection. Oh, but you say, defense in depth! Well, defense in depth is great. But, intrusion detection of the sort is like tissue paper when you might get thousands of attacks daily. The only real defense is actually having software that isn't e
Re: (Score:2)
Symantec, I wonder what goes on there. Hope the engineering is better than the fairly ridiculous adventure I had with customer service. I was reporting a bug in the "Verified" seals for my paying client: the web wizard generates the wrong seals because the product matrix has not kept up with the threeway conversion of Verisign, Symantec and Norton. On the fourth customer service rep I finally had someone who knew what he was talking about. Refreshingly, he was blunt and did not end by asking me if I had any
Blame the software? (Score:2)
THE CHINESE (Score:1)
That monolithic entity known only as THE CHINESE.
Odd that when Anonymous deface a bank's website we don't say THE AMERICANS hacked it.
Re: (Score:2)
Sophisticated? (Score:3)
This could cause some confusing headlines (Score:2)
If the main story on the front pages is "Hacked by Chinese", was that supposed to be the main story or is it just script kiddies bragging?
Looks like Bad Things DO Happen in Fours (Score:2)
Can we please get rid of that ridiculous expression?
Re:Looks like Bad Things DO Happen in Fives (Score:2)
Not only have 4 other bad things happened, we've also failed to get rid of that ridiculous expression!
Newspapers arrogant and bad at security? (Score:2)
Next thing you'll be telling me sometimes the government lies.
Re: (Score:2)
The Washington Post is a company that sells propaganda to suckers. They lie for a living. Why should anyone believe them now?
Citation please.
Re: (Score:2)
Thank you for sharing your opinion, Mr. Liddy.