China Hackers Hit U.S. Media
Chinese hackers have been
conducting wide-ranging electronic surveillance of media companies
including The Wall Street Journal in an apparent effort to spy on
reporters covering China and other issues, people familiar with
incidents said.
Journal publisher Dow Jones & Co. said Thursday that the paper's computer systems had been infiltrated by Chinese hackers for the apparent purpose of monitoring its China coverage. New York Times Co. disclosed Wednesday night that its flagship newspaper also had been the victim of cyberspying.
Chinese hackers for years have targeted major U.S. media companies with hacking that has penetrated deep inside some newsgathering systems, several people familiar with the response to the cyberattacks said.
Tapping the computers of reporters at major outlets could allow the Chinese government to identify sources on articles as well as information about pending stories.
Chinese Embassy spokesman Geng Shuang condemned allegations of Chinese cyberspying. 'It is irresponsible to make such an allegation without solid proof and evidence,' he said. 'The Chinese government prohibits cyberattacks and has done what it can to combat such activities in accordance with Chinese laws.' He said China has been a victim of cyberattacks but didn't say from where.
The U.S. Federal Bureau of Investigation has been probing such media incidents for more than a year and considers the hacking a national-security matter. Investigators see it as part of a long-running pattern by a foreign entity to compromise the security of major U.S. companies, people familiar with the matter said.
Some evidence gathered in the probe suggested that the hacking was done by a single group that focused specifically on media companies, according to people familiar with the matter.
One person described the hacking as a swarm of relatively unsophisticated but persistent attempts to gain access.
'It's part of this overall story that the Chinese want to know what the West thinks of them,' said Richard Bejtlich, chief security officer with the computer-security company Mandiant Corp., which was hired by the New York Times to investigate its breach. 'What slant is the media going to take on them? Who are their sources?'
Mandiant, which is frequently retained by companies to respond to cyberinfiltrations, has seen roughly 30 reporters and their managers targeted in different incidents dating back to 2008.
Bloomberg LP on Thursday acknowledged, without providing details, that attempts had been made to infiltrate its systems but said its security wasn't breached. A spokeswoman for Thomson Reuters PLC said that its Reuters news service was hacked twice in August on its blogging platform. She said Reuters couldn't confirm the hacking source.
Computer-security firms that track Chinese cyberspying groups say that one of the roughly 20 groups they know about appears to specialize in the media industry.
'We know there are campaigns that are launched by specific groups targeting specific sectors,' said Shawn Henry, president of CrowdStrike Inc., a computer-security firm, and a former FBI cyberspace specialist. 'When governments are actively collecting intelligence, they have developed subject-matter experts in particular industries.'
The U.S. government has grown increasingly concerned about Chinese spying on the government and U.S. corporations, prompting U.S. intelligence agencies to issue a report a year ago calling Chinese hackers from the government and private sector the world's most 'active and persistent' perpetrators of industrial spying.
Google Inc. and EMC Corp. computer-security unit RSA, among others, have said that their systems have been infiltrated. People familiar with those breaches said they were connected to the Chinese government.
The intelligence report discussed the extensive theft of data from global energy companies and proprietary data such as client lists and acquisition plans at other companies.
Cyberspecialists said the goals of hacking can include industrial espionage, insider trading and tracking potentially damaging information.
'The Communist Party really fears information and they can see their control unraveling as people read about corruption and officials with huge bank portfolios,' said James Lewis, who advises lawmakers and the White House on cybersecurity issues. 'Information is an existential threat to these regimes.'
The New York Times in an article Thursday detailed how Chinese hackers had infiltrated its systems over the past four months and gained access to passwords belonging to reporters and other employees. The paper said it believed it had expelled the hackers from its system.
It is rare for companies to acknowledge hacking incidents because they fear that could hurt customer confidence and profits, corporate executives have said.
The Journal has faced hacking threats from China on and off during the past few years, said several people familiar with the Journal investigation.
In the most recent incident, the Journal was notified by the FBI of a potential breach in the middle of last year, when the FBI came across data that apparently had come from the computer network in the Journal's Beijing bureau, people familiar with the incident said.
The Journal hired consultants to investigate the matter and uncovered a major breach in which hacking groups─it wasn't clear whether they were working together─entered the company's networks, in part through computers belonging to business staff in the Beijing office, and from there infiltrated the global computer system, people familiar with the situation said.
Among the targets were a handful of reporters and editors in the Beijing bureau, including Jeremy Page, who wrote articles about the murder of British businessman Neil Heywood in a scandal that helped to bring down Chinese politician Bo Xilai, and Beijing Bureau Chief Andrew Browne, people familiar with the matter said.
The Journal began an investigation to track the cyberspies. The probe watched where the hackers went within the Journal's computer networks, what information they were interested in and how deeply they had penetrated.
A number of computers were totally controlled by outside hackers, who had broad access across the Journal's computer networks, people familiar with the matter said.
The investigation couldn't determine the full extent of the information that was spied on by the hackers, they said. The company's computer specialists wiped clean several hard drives in Beijing last year.
The Journal in recent weeks has been preparing measures to bolster security through the company's networks. This effort culminated this week with a companywide requirement to change passwords.
'Evidence shows that infiltration efforts target the monitoring of the Journal's coverage of China and are not an attempt to gain commercial advantage or to misappropriate customer information,' Paula Keve, a spokeswoman for Journal publisher Dow Jones, said in a written statement Thursday. Dow Jones is a unit of News Corp.
Data security is an 'ongoing issue,' Ms. Keve said. 'We continue to work closely with the authorities and outside security specialists, taking extensive measures to protect our customers, employees, journalists and sources.'
Her statement said that the Journal on Thursday completed a network overhaul to bolster security.
SIOBHAN GORMAN / DEVLIN BARRETT / DANNY YADRON
中國黑客入侵美國媒體電腦系統
知
情人士說﹐中國黑客對包括《華爾街日報》在內的媒體機構實施了大範圍的電子監控﹐目的明顯是對報道中國及其他問題的記者進行暗中監視。《華 爾街日報》的出版商道瓊斯公司(Dow Jones & Co.)週四說﹐這家報紙的電腦系統遭到了中國黑客的入侵﹐目的明顯是監控這家報紙對中國的報道。據紐約時報公司(New York Times Co.)週三晚間披露﹐該公司旗艦報紙同樣成為了網絡間諜活動的受害者。
幾名熟悉網絡入侵事件相關反應的人士說﹐中國黑客多年以來一直以主要的美國媒體機構為目標﹐其黑客活動曾深度入侵一些新聞採集系統。
通過進入主要媒體機構記者的電腦﹐中國政府可以確認文章中消息來源的身份﹐以及即將出版的報道的有關信息。
中國駐美國使館發言人耿爽曾經譴責外界對中國從事網絡間諜活動的指控。他說﹐這些說法缺乏事實依據﹐中國政府一貫反對並依法禁止和打擊包括網絡攻擊在內任何形式的網絡犯罪活動。他說﹐中國是黑客攻擊的主要受害者﹐但是沒有具體說明攻擊來自哪裡。
美國聯邦調查局(Federal Bureau of Investigation)一年多以來一直在調查這類媒體遭網絡入侵的事件﹐並將其視為損害美國利益的國家安全案件。知情人士說﹐調查人員認為這些活動是外國實體危害美國主要公司安全的長期行動的一部分。
知情人士說﹐調查中搜集到的一些證據顯示﹐黑客活動由一個單獨的小組實施﹐該組織的黑客活動專門針對媒體機構。
一名人士說﹐這些黑客活動包括大量相對不複雜、但是不間斷的行為﹐試圖得以進入系統。
電 腦安全公司Mandiant Corp.的首席安全長貝傑特里奇(Richard Bejtlich)說﹐這是中國為瞭解西方對它的看法而採取的行動。《紐約時報》已經聘請Mandiant調查該報網絡遭入侵事件。貝傑特里奇說﹐中國想 知道﹐媒體在報道中國事件時側重哪些方面?他們的消息來源是誰?
Mandiant經常幫助一些公司應對網絡入侵活動。該公司發現﹐在2008年以來的多起黑客事件中﹐已有大約30名記者及其主管成為網絡入侵的目標。
彭 博(Bloomberg LP)週四承認﹐曾有黑客試圖侵入其系統﹐但未獲成功。此外彭博沒有透露更多細節。湯森路透(Thomson Reuters PLC)的發言人說﹐路透社(Reuters news service)的博客平台去年8月兩次被入侵。這位發言人說﹐路透無法確認攻擊源頭。
跟蹤中國網絡間諜組織的計算機安全公司說﹐他們知道的大概20個組織中﹐有一個似乎專門對媒體業下手。
計算機安全公司CrowdStrike Inc.總裁、前美國聯邦調查局網絡專家亨利(Shawn Henry)說﹐我們知道有一些入侵活動﹐由以特定行業為攻擊目標的特定組織發起。他說﹐當政府積極收集情報時﹐他們就已經培養出了特定行業的專家
美國政府越來越擔心中國間諜對它和美國企業的監視。為此﹐美國情報機構一年前發佈報告稱﹐來自政府和私營行業的中國黑客是全世界從事工業間諜最活躍、最頑固的作案者。
谷歌公司(Google Inc.)和數據存儲服務提供商EMC Corp.旗下計算機安全公司RSA等說﹐它們的系統曾被入侵。知情人士說﹐入侵事件與中國政府有關。
那份報告談到了大量資料失竊事件﹐涉及全球能源公司數據、客戶名單等專有資料及其它公司的收購計劃等。
網絡專家說﹐攻擊的目標包括工業間諜、內幕交易以及追蹤可能造成破壞的信息。
就網絡安全問題向美國議員和白宮提供咨詢服務的劉易斯(James Lewis)說﹐共產黨對於信息是非常害怕的﹐隨著人們看到有關腐敗和官員擁有巨額銀行存款的信息﹐他們會覺得自己的控制力開始瓦解。他說﹐信息對這些政權而言是種“存在性威脅”。
《紐約時報》在週四的一篇文章里詳細描述了中國黑客如何在過去四個月滲透其系統並獲取了記者和其他員工的密碼。該報說﹐它認為已將黑客逐出公司系統。
企業高管曾說﹐公司一般很少會承認受到黑客襲擊﹐因為它們擔心這會影響客戶信心和公司業績。
據數位瞭解《華爾街日報》調查的人士說﹐《華爾街日報》過去幾年時不時受到來自中國的黑客攻擊威脅。
據知情人士透露﹐在最近的一起事件中﹐去年年中美國聯邦調查局通知《華爾街日報》其網絡可能遭入侵﹐當時美國聯邦調查局意外發現了貌似來自《華爾街日報》北京分社電腦網絡的數據。
知情人士說﹐《華爾街日報》聘請顧問調查此事﹐經調查發現了一起重大網絡入侵活動﹐多個黑客組織(不清楚是否聯手)侵入該公司的網絡﹐有些是通過北京辦事處商業人員的電腦入侵的﹐並進一步入侵其全球電腦系統。
知情人士說﹐黑客攻擊的目標包括北京分社的一些記者和編輯﹐包括裴傑(Jeremy Page)和北京分社社長班安祖(Andrew Browne)。裴傑曾撰文報道英國商人海伍德(Neil Heywood)被謀殺一事。這起醜聞幫助將中國高官薄熙來拉下馬。
《華爾街日報》隨後展開調查﹐對這些網絡間諜進行追蹤。調查監測黑客在《華爾街日報》電腦網絡內都去過哪裡﹐他們對哪些信息感興趣﹐他們的入侵程度有多深。
知情人士說﹐一些電腦完全被外部黑客所控制﹐黑客可以暢通無阻地訪問《華爾街日報》的電腦網絡。
他們說﹐調查無法確定黑客監視的信息的全部範圍。該公司的電腦專家去年將北京分社的多個硬盤數據清空。
《華爾街日報》近幾週一直準備採取措施通過該公司的網絡加強安全。這項行動本週達到高潮﹐公司要求全體員工更改密碼。
《華爾街日報》發行商道瓊斯公司發言人凱韋(Paula Keve)週四在一份書面聲明中說﹐有證據顯示﹐入侵行動旨在監視《華爾街日報》對中國的報道﹐而不是為了獲得商業利益或是盜取客戶信息。道瓊斯公司是新聞集團(News Corp.)的子公司。
凱韋說﹐數據安全是一個持續的問題。我們繼續與有關部門和外部安全專家密切合作﹐採取廣泛措施保護我們的客戶、員工、記者和消息來源。
她在聲明中說﹐《華爾街日報》週四完成了旨在加強安全的網絡更新。
- International Internet capacity: New data flows highlight the relative decline of the West
Related:
Hooking up
SIOBHAN GORMAN / DEVLIN BARRETT / DANNY YADRON
(更新完成)
台湾の光海底ケーブル建設を受注 NEC
NECは台湾の中華電信から新たな光海底ケーブル建設を受注した。
今回受注したのは、台湾北部の桃園と馬祖の2都市を結ぶケーブルと、台湾南部の台南から澎湖を経由して台湾海峡を越えた金門の3都市を結ぶケーブ ル。総距離約510キロメートルの光海底ケーブルを供給し、約13カ月で敷設工事を行う予定だ。NECは2000年9月にも同様の無中継光海底ケーブル 「TPKM2」を納入している。
NECは、米Tyco Telecommunications、仏Alcatel-Lucentとともに世界の三大海底ケーブルベンダー。
沒有留言:
張貼留言