Richard Bejtlich tweeted yesterday that what was rare about the NYT hack was not that it happened but that they dicslosed so much. On a related point, I think this is pretty rare - in the course of reporting the NYT story, the WSJ disclosed almost as an aside that it had been notified of a breach:
In the most recent incident, the Journal was notified by the FBI of a potential breach in the middle of last year, when the FBI came across data that apparently had come from the computer network in the Journal's Beijing bureau, people familiar with the incident said.
The Journal hired consultants to investigate the matter and uncovered a major breach in which hacking groups—it wasn't clear whether they were working together—entered the company's networks, in part through computers in the Beijing office, people familiar with the situation said. The hackers then infiltrated the paper's global computer system, the people said.
Among the targets were a handful of journalists in the Beijing bureau, including Jeremy Page, who wrote articles about the murder of British businessman Neil Heywood in a scandal that helped bring down Chinese politician Bo Xilai, people familiar with the matter said. Beijing Bureau Chief Andrew Browne also was a target, they said.
The Journal began an investigation to track the cyberspies. The probe watched where the hackers went within the Journal's computer networks, what information they were interested in and how deeply they had penetrated.
A number of computers were totally controlled by outside hackers, who had broad access across the Journal's computer networks, people familiar with the matter said.
The investigation couldn't determine the full extent of the information that was spied on by the hackers, they said. The company's computer specialists erased several hard drives in Beijing last year.
Comments