Forgot your password?
typodupeerror
Security The Media

State-Sponsored Hacking Attacks Targeting Top News Organizations 19

Posted by Soulskill
from the tip-of-the-iceberg dept.
An anonymous reader writes "Security engineers from Google have found that 21 out of the top 25 news organizations have been targeted by cyberattacks that are likely state-sponsored. We've heard about some high profile attacks on news sites, but Google actively tracks the countries that are launching these attacks, and even hosts email services for many of the news organizations. 'Huntley said Chinese hackers recently gained access to a major Western news organization, which he declined to identify, via a fake questionnaire emailed to staff. Most such attacks involve carefully crafted emails carrying malware or directing users to a website crafted to trick them into giving up credentials. Marquis-Boire said that while such attacks were nothing new, their research showed that the number of attacks on media organizations and journalists that went unreported was significantly higher than those made public.'"
This discussion has been archived. No new comments can be posted.

State-Sponsored Hacking Attacks Targeting Top News Organizations

Comments Filter:
  • "Chinese hackers" (Score:4, Insightful)

    by Anonymous Coward on Friday March 28, 2014 @02:26PM (#46605021)

    How hard is it for an intel agency or a security contractor to launch an attack in such a way as to falsely implicate a boogey-man such as "Chinese hackers"?

    • by Anonymous Coward

      Not very hard at all.

    • by hey! (33014) on Friday March 28, 2014 @03:19PM (#46605427) Homepage Journal

      Depends on your standard of proof.

      I suppose the best possible way is to hack the patsy's computer and use it to launch an attack. That could, in principle, be nearly impossible to distinguish from an attack initiated by the patsy; not without the investigators hacking into the patsy's computer themselves. I suppose if I were going to implicate some patsy in cybershenanigans I'd start by securing his system from everybody but me.

      Once you've considered the possibility that an attack is frameup, you'd find yourself asking questions like, "Who would want to embarrass the New York Times AND get a Chinese engineering student into trouble? Well, another Chinese engineering student, I guess, but I wouldn't bet on it. The problem is that this kind of reasoning is extremely unreliable. One of the toughest lessons I've had to teach clients is that the motivations of attackers may not make any sense to you. In fact they probably won't.

      Take the attack itself. What does it accomplish to deface an American's newspaper's website? It doesn't stop people from getting the news. It doesn't stop people from getting the paper's website for very long. It certainly doesn't do anything to change US Government policies or actions. All it does, in the end, is get some site admins into trouble with their bosses. Essentially, it accomplishes nothing.

      But then, a lot of political stuff people do doesn't accomplish anything but make them feel like their doing something. So if we're going to criminally profile the hacker, what we've got is a technically clever stupid person. That is to say somebody who is good at figuring things out and persistent at problem solving, but not very good at choosing useful ways to apply that talent.

      But there's a hell of a lot of people like that.

      • by poity (465672)

        Take the attack itself. What does it accomplish to deface an American's newspaper's website?

        The article doesn't say anything about defacement, it actually says that journalists themselves were the targets. I assume being able to penetrate a journalist's work account is one of the first steps to either subsequently penetrating that journalist's personal accounts elsewhere, or to build a profile in order to create false identity elsewhere. The first could be used to reveal current sources, and the latter could be used to ensnare future sources.

        Everyone is on high alert to stopping their own Snowden

        • by hey! (33014)

          Good catch. We have to distinguish between vulnerabilities and threats. The exploitation of a vulnerability tells us next to nothing. Some people will twist a doorknob without thinking. But if someone particularly targets certain assets, like reporter email and phone logs, you can use that along with who the attacker targets to infer some pretty solid things about him.

          Journalists *should* have been on high alert years before Snowden, because their number one most dangerous threat a court order demandin

      • Re:"Chinese hackers" (Score:4, Interesting)

        by lgw (121541) on Friday March 28, 2014 @03:51PM (#46605677) Journal

        One of the toughest lessons I've had to teach clients is that the motivations of attackers may not make any sense to you. In fact they probably won't.

        Indeed: "all politics is local". People have a hard time understanding this. Why does someone launch a terrorist attack against the US? It will be something involving the people that they socialize with, and the usual motivations of status, respect, dignity and so on. It may in some very distant way be a response to US actions, but don't look for direct "they killed my parents, and I've spent my life seeking the six-fingered man" motivations.

        When attacks (cyber or otherwise) are local, motivations are usually straightforward and understandable, but when the target is very distant, it will be something that makes a lot of sense in the attackers' community, but with the distance in geography and culture, it can be totally opaque to you. There may be nothing you can do to not be the target of choice, if you're successful and well known like a media property. No, they don't hate you because you're successful, but their distant community knows you exist and you thus give them bragging rights because you're successful.

    • by flyneye (84093)

      Isnt the whole concept sort of akin to breaking into someones house to steal the contents of their toilet?

  • by BobMcD (601576) on Friday March 28, 2014 @02:43PM (#46605169)

    From the attacker's view, this largely makes sense. The 'top 25 news organizations' are all deeply biased towards keeping the government happy, and even we Kool Aid drinking Americans are aware of it.

    To an outsider, they're probably pretty hard to distinguish from state-run news.

  • So what? Are they going to start replacing the sensationalized drivel, designed to keep us divided against each other, with factual stories or something?

    As a person who typically avoids the "Top news organizations," I have a really, really hard time A) understanding what the problem is, and B) caring.

    • by click2005 (921437) *

      The problem is that Google seems to be routinely reading the email accounts of people working at 'Top News Organizations'. This isn't just random automated scanning but a deliberate invasion of privacy.

  • by Anonymous Coward

    The "problem" here is that e-mail is such a mind-boggling useful way to communicate that its benefits outweigh its security risks. Yes there are lots of solutions (if only everyone would implementing them), but what is really needed is a new mind-boggling useful communication tool that is secure by design.

    And it ain't some closed proprietary system like Facebook or Twitter.

    captcha: distort

  • "Most such attacks involve carefully crafted emails carrying malware or directing users to a website crafted to trick them into giving up credentials"

1 Mole = 25 Cagey Bees

Working...