homepage Welcome to WebmasterWorld Guest from 54.227.41.242
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Visit PubCon.com
Home / Forums Index / Local / Foo
Forum Library, Charter, Moderators: incrediBILL & lawman

Foo Forum

    
Chinese Hackers Break Into New York Times Over Four Months
engine




msg:4540946
 3:23 pm on Jan 31, 2013 (gmt 0)

It's an interesting article, and also worth noting that the team at NYT were monitoring the activity and thereby strengthening their defences.

For the last four months, Chinese hackers have persistently attacked The New York Times, infiltrating its computer systems and getting passwords for its reporters and other employees.

After surreptitiously tracking the intruders to study their movements and help erect better defenses to block them, The Times and computer security experts have expelled the attackers and kept them from breaking back in.

Chinese Hackers Break Into New York Times Over Four Months [nytimes.com]
The hackers tried to cloak the source of the attacks on The Times by first penetrating computers at United States universities and routing the attacks through them, said computer security experts at Mandiant, the company hired by The Times. This matches the subterfuge used in many other attacks that Mandiant has tracked to China.

The attackers first installed malware — malicious software — that enabled them to gain entry to any computer on The Times’s network. The malware was identified by computer security experts as a specific strain associated with computer attacks originating in China.

 

SevenCubed




msg:4540966
 4:08 pm on Jan 31, 2013 (gmt 0)

Doh! I just made a comment in another thread about trusting sites like theirs and not worrying about running Javascript on them.

SevenCubed




msg:4541032
 6:29 pm on Jan 31, 2013 (gmt 0)

That link posted by engine didn't allow me access. It's behind a paywall. Here's an alternate for others who may not be able to get in either [foxbusiness.com...] Period

henry0




msg:4541084
 9:00 pm on Jan 31, 2013 (gmt 0)

I get it delivered thus some account info are probably within reach.
Wondering if personal users details have been accessed?

RhinoFish




msg:4541091
 9:14 pm on Jan 31, 2013 (gmt 0)

real world "hacking":
[shoemoney.com...]

most people use the same, easy password everywhere... snag it on place, and start...

we like to imagine we're secure and they're very smart, many times, we're stupid, and they're just smart enough to know that about us.

Sgt_Kickaxe




msg:4541178
 4:02 am on Feb 1, 2013 (gmt 0)

Rhino, linking a two year old Shoemoney article that tells people how to hack?

I think the topic is more about how the NYTimes handled an attack than to teach people how to hack.

Anyway, my question is why are these people above the law? Surely we have good enough relations with China to help them get the mud off their name when it comes to being accused of hacking scandals? A little justice and punishment would go a long way and had the perpetrator lived in the U.S. they'd be in court or jail already.

WesleyC




msg:4541442
 3:06 pm on Feb 1, 2013 (gmt 0)

I work in a university, and I've actually been monitoring an extreme and increasing number of hacking attempts against our public-facing site recently--on the order of 150 malicious requests per day, and this directed at a fairly small university. Many attempts were very sophisticated and targeted at known vulnerabilities in our specific CMS, and even specific components and plugins within our CMS.

If we hadn't beefed up our security lately, our server would have been compromised as well. As it stands, we've been monitoring and blacklisting IP addresses at the rate of about 10 per day, mostly from China, though there's been a frightening number of attempts from other universities and US-based hosting companies as well.

Hopefully The Times' revelation will slow down the frantic attempts to compromise our server as well... Could just be wishful thinking on my part, though.

RhinoFish




msg:4541503
 5:33 pm on Feb 1, 2013 (gmt 0)

the point of my post is that i'd bet a ton that people working at the NYT made it VERY easy for the bad guys to access their network.

and the point of making that point, use the same password everywhere, like most people, and you (almost) deserve to be "hacked".

RhinoFish




msg:4541505
 5:36 pm on Feb 1, 2013 (gmt 0)

and the article doesn't teach people to hack, it reminds everyone that you're not actually hacked most often.

instead, you're lazy with passwords and security, you broadcast your data everywhere for anyone to see - they don't need to "hack" you, you're giving out your info.

moTi




msg:4541778
 3:35 pm on Feb 2, 2013 (gmt 0)

that the team at NYT were monitoring the activity..

strongly doubt that. yeah, everything under control - says who? the nyt.

bhonda




msg:4542198
 8:49 am on Feb 4, 2013 (gmt 0)

Wouldn't it be great if the article itself was written and uploaded by the Chinese hackers themselves.

blend27




msg:4542406
 1:23 am on Feb 5, 2013 (gmt 0)

that the team at NYT were monitoring the activity..

strongly doubt that. yeah, everything under control - says who? the nyt.


I know some very smart/sharp people that work in IT at NYT, and would not doubt that statement.

Alexander8100




msg:4543895
 6:38 pm on Feb 8, 2013 (gmt 0)

No doubt it is incredibly hard to confirm who is behind an internet attack like this.Even if China is identified as the kick off point of an attack,it doesn't actually confirm that it the function is supported by the China govt or intellect services.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Local / Foo
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved