Welcome to WebmasterWorld Guest from 54.196.232.162

Forum Moderators: incrediBILL & lawman

Message Too Old, No Replies

Chinese Hackers Break Into New York Times Over Four Months

     
3:23 pm on Jan 31, 2013 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:22308
votes: 239


It's an interesting article, and also worth noting that the team at NYT were monitoring the activity and thereby strengthening their defences.

For the last four months, Chinese hackers have persistently attacked The New York Times, infiltrating its computer systems and getting passwords for its reporters and other employees.

After surreptitiously tracking the intruders to study their movements and help erect better defenses to block them, The Times and computer security experts have expelled the attackers and kept them from breaking back in.

Chinese Hackers Break Into New York Times Over Four Months [nytimes.com]
The hackers tried to cloak the source of the attacks on The Times by first penetrating computers at United States universities and routing the attacks through them, said computer security experts at Mandiant, the company hired by The Times. This matches the subterfuge used in many other attacks that Mandiant has tracked to China.

The attackers first installed malware — malicious software — that enabled them to gain entry to any computer on The Times’s network. The malware was identified by computer security experts as a specific strain associated with computer attacks originating in China.
4:08 pm on Jan 31, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member

joined:June 14, 2010
posts:985
votes: 0


Doh! I just made a comment in another thread about trusting sites like theirs and not worrying about running Javascript on them.
6:29 pm on Jan 31, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member

joined:June 14, 2010
posts:985
votes: 0


That link posted by engine didn't allow me access. It's behind a paywall. Here's an alternate for others who may not be able to get in either [foxbusiness.com...] Period
9:00 pm on Jan 31, 2013 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member henry0 is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Apr 19, 2003
posts: 4388
votes: 2


I get it delivered thus some account info are probably within reach.
Wondering if personal users details have been accessed?
9:14 pm on Jan 31, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member

joined:June 20, 2006
posts:1878
votes: 5


real world "hacking":
[shoemoney.com...]

most people use the same, easy password everywhere... snag it on place, and start...

we like to imagine we're secure and they're very smart, many times, we're stupid, and they're just smart enough to know that about us.
4:02 am on Feb 1, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member sgt_kickaxe is a WebmasterWorld Top Contributor of All Time 5+ Year Member

joined:Apr 14, 2010
posts:3169
votes: 0


Rhino, linking a two year old Shoemoney article that tells people how to hack?

I think the topic is more about how the NYTimes handled an attack than to teach people how to hack.

Anyway, my question is why are these people above the law? Surely we have good enough relations with China to help them get the mud off their name when it comes to being accused of hacking scandals? A little justice and punishment would go a long way and had the perpetrator lived in the U.S. they'd be in court or jail already.
3:06 pm on Feb 1, 2013 (gmt 0)

Full Member

5+ Year Member

joined:July 13, 2007
posts:235
votes: 0


I work in a university, and I've actually been monitoring an extreme and increasing number of hacking attempts against our public-facing site recently--on the order of 150 malicious requests per day, and this directed at a fairly small university. Many attempts were very sophisticated and targeted at known vulnerabilities in our specific CMS, and even specific components and plugins within our CMS.

If we hadn't beefed up our security lately, our server would have been compromised as well. As it stands, we've been monitoring and blacklisting IP addresses at the rate of about 10 per day, mostly from China, though there's been a frightening number of attempts from other universities and US-based hosting companies as well.

Hopefully The Times' revelation will slow down the frantic attempts to compromise our server as well... Could just be wishful thinking on my part, though.
5:33 pm on Feb 1, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member

joined:June 20, 2006
posts:1878
votes: 5


the point of my post is that i'd bet a ton that people working at the NYT made it VERY easy for the bad guys to access their network.

and the point of making that point, use the same password everywhere, like most people, and you (almost) deserve to be "hacked".
5:36 pm on Feb 1, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member

joined:June 20, 2006
posts:1878
votes: 5


and the article doesn't teach people to hack, it reminds everyone that you're not actually hacked most often.

instead, you're lazy with passwords and security, you broadcast your data everywhere for anyone to see - they don't need to "hack" you, you're giving out your info.
3:35 pm on Feb 2, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:July 25, 2005
posts:989
votes: 1


that the team at NYT were monitoring the activity..

strongly doubt that. yeah, everything under control - says who? the nyt.
8:49 am on Feb 4, 2013 (gmt 0)

Full Member

10+ Year Member

joined:June 29, 2005
posts:216
votes: 0


Wouldn't it be great if the article itself was written and uploaded by the Chinese hackers themselves.
1:23 am on Feb 5, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Dec 27, 2004
posts:1666
votes: 35


that the team at NYT were monitoring the activity..

strongly doubt that. yeah, everything under control - says who? the nyt.


I know some very smart/sharp people that work in IT at NYT, and would not doubt that statement.
6:38 pm on Feb 8, 2013 (gmt 0)

New User

joined:Feb 7, 2013
posts:2
votes: 0


No doubt it is incredibly hard to confirm who is behind an internet attack like this.Even if China is identified as the kick off point of an attack,it doesn't actually confirm that it the function is supported by the China govt or intellect services.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members