Is New York Times Hacking Just the Beginning?

[WestVirginiaRebel]

Daily Beast:

Who or what is APT-12—and why should Western companies be On Wednesday night, The New York Times announced it had been the target of attacks from hackers in China for the past four months. The attacks followed an investigation by Times reporter David Barboza into the personal wealth of Chinese Premier Wen Jiabao. Times officials said the Chinese government had warned that the piece on Wen’s relatives would “have consequences,” which triggered the newspaper’s executives to ask AT&T to watch their network for unusual activity.worried?

The hackers were able to steal the corporate passwords of every Times employee, as well as break into the personal computers of 53 employees.

In an interview Thursday, an executive with the computer-security company the Times hired to stop the attack says the breach reflects an alarming difference between Western and Chinese hackers.

Richard Bejtlich, chief security officer of Alexandria, Va.-based Mandiant, says the firm has identified the group internally as APT-12 (APT stands for Advanced Persistent Threat). “The very big picture is the Chinese government conducts state activities that are not the same as the West,” he tells The Daily Beast. “They’re going after things we don’t.”

In the West, he explains, attacks are aimed at military facilities and intelligence communities. But Chinese hackers go after civilian targets, such as media organizations, banks, defense contractors, and law firms (if a particular company is too difficult to break into, Bejtlich says, “they go to [their] law firm or a supplier” for information). One reason for this difference in perspective: in China, these groups are state-owned, unlike in the West.

While the Times says investigators still don’t know how the hackers initially broke in, it suspects it was a “spear phishing” attack, which means emails with malicious links or attachments were sent to employees. Once inside the system, the tools can be used to steal tons of data and capture passwords, keystrokes, screen images, documents, and, in some cases, recordings from computers’ microphones and Web cameras. Some consultants told the Times that the methods used in the attack have been associated with the Chinese military in the past.

________

 

Hacker wars.