
State-Sponsored Hacking Attacks Targeting Top News Organizations

Posted by Soulskill
from the tip-of-the-iceberg dept.
An anonymous reader writes "Security engineers from Google have found that 21 out of the top 25 news organizations have been targeted by cyberattacks that are likely state-sponsored. We've heard about some high profile attacks on news sites, but Google actively tracks the countries that are launching these attacks, and even hosts email services for many of the news organizations. 'Huntley said Chinese hackers recently gained access to a major Western news organization, which he declined to identify, via a fake questionnaire emailed to staff. Most such attacks involve carefully crafted emails carrying malware or directing users to a website crafted to trick them into giving up credentials. Marquis-Boire said that while such attacks were nothing new, their research showed that the number of attacks on media organizations and journalists that went unreported was significantly higher than those made public.'"
This discussion has been archived. No new comments can be posted.

  • "Chinese hackers" (Score:4, Insightful)

    by Anonymous Coward on Friday March 28, 2014 @02:26PM (#46605021)

    How hard is it for an intel agency or a security contractor to launch an attack in such a way as to falsely implicate a boogey-man such as "Chinese hackers"?

  • by BobMcD (601576) on Friday March 28, 2014 @02:43PM (#46605169)

    From the attacker's view, this largely makes sense. The 'top 25 news organizations' are all deeply biased towards keeping the government happy, and even we Kool Aid drinking Americans are aware of it.

    To an outsider, they're probably pretty hard to distinguish from state-run news.

  • by hey! (33014) on Friday March 28, 2014 @03:19PM (#46605427) Homepage Journal

    Depends on your standard of proof.

    I suppose the best possible way is to hack the patsy's computer and use it to launch an attack. That could, in principle, be nearly impossible to distinguish from an attack initiated by the patsy; not without the investigators hacking into the patsy's computer themselves. I suppose if I were going to implicate some patsy in cybershenanigans I'd start by securing his system from everybody but me.

    Once you've considered the possibility that an attack is a frameup, you'd find yourself asking questions like, "Who would want to embarrass the New York Times AND get a Chinese engineering student into trouble?" Well, another Chinese engineering student, I guess, but I wouldn't bet on it. The problem is that this kind of reasoning is extremely unreliable. One of the toughest lessons I've had to teach clients is that the motivations of attackers may not make any sense to you. In fact they probably won't.

    Take the attack itself. What does it accomplish to deface an American newspaper's website? It doesn't stop people from getting the news. It doesn't stop people from getting the paper's website for very long. It certainly doesn't do anything to change US Government policies or actions. All it does, in the end, is get some site admins into trouble with their bosses. Essentially, it accomplishes nothing.

    But then, a lot of political stuff people do doesn't accomplish anything but make them feel like they're doing something. So if we're going to criminally profile the hacker, what we've got is a technically clever stupid person. That is to say somebody who is good at figuring things out and persistent at problem solving, but not very good at choosing useful ways to apply that talent.

    But there's a hell of a lot of people like that.
