Slashdot Mirror

← Back to Stories (view on slashdot.org)

State-Sponsored Hacking Attacks Targeting Top News Organizations

Posted by Soulskill on from the tip-of-the-iceberg dept.

An anonymous reader writes "Security engineers from Google have found that 21 out of the top 25 news organizations have been targeted by cyberattacks that are likely state-sponsored. We've heard about some high profile attacks on news sites, but Google actively tracks the countries that are launching these attacks, and even hosts email services for many of the news organizations. 'Huntley said Chinese hackers recently gained access to a major Western news organization, which he declined to identify, via a fake questionnaire emailed to staff. Most such attacks involve carefully crafted emails carrying malware or directing users to a website crafted to trick them into giving up credentials. Marquis-Boire said that while such attacks were nothing new, their research showed that the number of attacks on media organizations and journalists that went unreported was significantly higher than those made public.'"

13 of 19 comments (clear)

  1. "Chinese hackers" by Anonymous Coward · · Score: 4, Insightful

    How hard is it for an intel agency or a security contractor to launch an attack in such a way as to falsely implicate a boogey-man such as "Chinese hackers"?

    1. Re:"Chinese hackers" by Anonymous Coward · · Score: 1

      Not very hard at all.

    2. Re:"Chinese hackers" by hey! · · Score: 3, Insightful

      Depends on your standard of proof.

      I suppose the best possible way is to hack the patsy's computer and use it to launch an attack. That could, in principle, be nearly impossible to distinguish from an attack initiated by the patsy; not without the investigators hacking into the patsy's computer themselves. I suppose if I were going to implicate some patsy in cybershenanigans I'd start by securing his system from everybody but me.

      Once you've considered the possibility that an attack is frameup, you'd find yourself asking questions like, "Who would want to embarrass the New York Times AND get a Chinese engineering student into trouble? Well, another Chinese engineering student, I guess, but I wouldn't bet on it. The problem is that this kind of reasoning is extremely unreliable. One of the toughest lessons I've had to teach clients is that the motivations of attackers may not make any sense to you. In fact they probably won't.

      Take the attack itself. What does it accomplish to deface an American's newspaper's website? It doesn't stop people from getting the news. It doesn't stop people from getting the paper's website for very long. It certainly doesn't do anything to change US Government policies or actions. All it does, in the end, is get some site admins into trouble with their bosses. Essentially, it accomplishes nothing.

      But then, a lot of political stuff people do doesn't accomplish anything but make them feel like their doing something. So if we're going to criminally profile the hacker, what we've got is a technically clever stupid person. That is to say somebody who is good at figuring things out and persistent at problem solving, but not very good at choosing useful ways to apply that talent.

      But there's a hell of a lot of people like that.

      --
      Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
    3. Re:"Chinese hackers" by poity · · Score: 2

      Take the attack itself. What does it accomplish to deface an American's newspaper's website?

      The article doesn't say anything about defacement, it actually says that journalists themselves were the targets. I assume being able to penetrate a journalist's work account is one of the first steps to either subsequently penetrating that journalist's personal accounts elsewhere, or to build a profile in order to create false identity elsewhere. The first could be used to reveal current sources, and the latter could be used to ensnare future sources.

      Everyone is on high alert to stopping their own Snowden event, and I think that's a far simpler and more relevant explanation than "USA is trying to frame other countries by defacing its own news site"

      --
      your thin skin doesn't make me a troll
    4. Re:"Chinese hackers" by lgw · · Score: 3, Interesting

      One of the toughest lessons I've had to teach clients is that the motivations of attackers may not make any sense to you. In fact they probably won't.

      Indeed: "all politics is local". People have a hard time understanding this. Why does someone launch a terrorist attack against the US? It will be something involving the people that they socialize with, and the usual motivations of status, respect, dignity and so on. It may in some very distant way be a response to US actions, but don't look for direct "they killed my parents, and I've spent my life seeking the six-fingered man" motivations.

      When attacks (cyber or otherwise) are local, motivations are usually straightforward and understandable, but when the target is very distant, it will be something that makes a lot of sense in the attackers' community, but with the distance in geography and culture, it can be totally opaque to you. There may be nothing you can do to not be the target of choice, if you're successful and well known like a media property. No, they don't hate you because you're successful, but their distant community knows you exist and you thus give them bragging rights because you're successful.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    5. Re:"Chinese hackers" by hey! · · Score: 2

      Good catch. We have to distinguish between vulnerabilities and threats. The exploitation of a vulnerability tells us next to nothing. Some people will twist a doorknob without thinking. But if someone particularly targets certain assets, like reporter email and phone logs, you can use that along with who the attacker targets to infer some pretty solid things about him.

      Journalists *should* have been on high alert years before Snowden, because their number one most dangerous threat a court order demanding they reveal their sources. The courts could physically seize the equipment of the reporter and his employer and search them well before the NSA started recording everything everywhere.

      --
      Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
    6. Re:"Chinese hackers" by flyneye · · Score: 1

      Isnt the whole concept sort of akin to breaking into someones house to steal the contents of their toilet?

      --
      *Repent!Quit Your Job!Slack Off!The World Ends Tomorrow and You May Die!
  2. From the attacker's view... by BobMcD · · Score: 5, Insightful

    From the attacker's view, this largely makes sense. The 'top 25 news organizations' are all deeply biased towards keeping the government happy, and even we Kool Aid drinking Americans are aware of it.

    To an outsider, they're probably pretty hard to distinguish from state-run news.

    1. Re:From the attacker's view... by ArcadeMan · · Score: 3, Funny

      In France, do they call Fox News "Faux News"?

      --
      Get free satoshi (Bitcoin) and Dogecoins
  3. ... And? by CanHasDIY · · Score: 1

    So what? Are they going to start replacing the sensationalized drivel, designed to keep us divided against each other, with factual stories or something?

    As a person who typically avoids the "Top news organizations," I have a really, really hard time A) understanding what the problem is, and B) caring.

    --
    An enigma, wrapped in a riddle, shrouded in bacon and cheese
    1. Re:... And? by click2005 · · Score: 1

      The problem is that Google seems to be routinely reading the email accounts of people working at 'Top News Organizations'. This isn't just random automated scanning but a deliberate invasion of privacy.

      --
      I am a free slashdotter. I will not be modded, blogged, DRM'd, patented, podcasted or RFID'd. My life is my own.
  4. E-Mail Communications by Anonymous Coward · · Score: 1

    The "problem" here is that e-mail is such a mind-boggling useful way to communicate that its benefits outweigh its security risks. Yes there are lots of solutions (if only everyone would implementing them), but what is really needed is a new mind-boggling useful communication tool that is secure by design.

    And it ain't some closed proprietary system like Facebook or Twitter.

    captcha: distort

  5. Most attacks involve Windows users .. by DTentilhao · · Score: 2

    "Most such attacks involve carefully crafted emails carrying malware or directing users to a website crafted to trick them into giving up credentials"