From Wired and New York Times
The New York Times has been hacked, prompted by an investigation by the New York Times into the amassed fortune of Chinese Prime Minister Wen Jiabao's family.
The hackers tried to cloak the source of the attacks on The Times by first penetrating computers at United States universities and routing the attacks through them, said computer security experts at Mandiant, the company hired by The Times. They apparently used the same university computers that hackers working for the Chinese military used previously to attack Defense Department contractors.
Security experts found evidence that the hackers stole the corporate passwords for every Times employee and used those to gain access to the personal computers of 53 employees, most of them outside The Times’s newsroom. Experts found no evidence that the intruders used the passwords to seek information that was not related to the reporting on the Wen family.
During the three months they were in the paper’s network, the attackers installed 45 pieces of custom malware, though nearly all of it went undetected. Although the newspaper uses antivirus products made by Symantec, the monitoring software identified and quarantined only one of the attacker’s tools during that time, according to the report.
Michael Higgins, chief security officer at The Times, said: “Attackers no longer go after our firewall. They go after individuals. They send a malicious piece of code to your e-mail account and you’re opening it and letting them in.”
