New York Times attacked by Chinese hackers

Chinese hackers have “persistently” infiltrated the New York Times for the last four months, the US paper says.

The New York Times said the attacks coincided with its report into claims that the family of Chinese Premier Wen Jiabao had amassed a multi-billion dollar fortune.

The hackers used methods which have been “associated with the Chinese military” to target the emails of the report’s writer, the paper said.

China’s foreign ministry dismissed the accusations as “groundless”.

“To arbitrarily assert and to conclude without hard evidence that China participated in such hacking attacks is totally irresponsible,” said spokesman Hong Lei.

“China is also a victim of hacking attacks. Chinese laws clearly forbid hacking attacks, and we hope relevant parties takes a responsible attitude on this issue.”

According to the New York Times, the hackers first broke into their computer system in September, as the report on Wen Jiabao was nearing completion.

The report, which was dismissed as a “smear” by the Chinese government, said Wen Jiabao’s relatives had amassed assets worth at least $2.7 billion through business dealings. It did not accuse the Chinese premier of wrongdoing.

China is sensitive about reports on its leaders, particularly when it comes to their wealth.

The New York Times said the hacking was focused on the computers of David Barboza, the paper’s bureau chief in Shanghai who wrote the report, and one of his predecessors, Jim Yardley.

Internet security firm Mandiant, which was hired by the Times to trace the attack, followed the hackers’ movements for four months, to try to establish a pattern and block them.

The hackers had installed malware which enabled them to access any computer using the New York Times network, steal the password of every employee, and access 53 personal computers, mostly outside the Times offices.

The security firm found that in an attempt to hide the origin of the attack, it had been routed through computers in US universities which, the paper said, “matches the subterfuge used in many other attacks that Mandiant has tracked to China”.

The Times said experts had found that the attacks “started from the same university computers used by the Chinese military to attack United States military contractors in the past”.

They found the hackers began working for the most part at 08:00 Beijing time.

Mandiant’s chief security officer, Richard Bejtlich, said that “if you look at each attack in isolation, you can’t say, <<This is the Chinese military>>,” but that the similar patterns and targets of the attacks indicated a connection.

“When you see the same group steal data on Chinese dissidents and Tibetan activists, then attack an aerospace company, it starts to push you in the right direction,” he said.

The paper said no personal data of staff or customers was stolen and that no attempt was made to shut down its website.

“They could have wreaked havoc on our systems,” said chief information officer Marc Frons. But he said what they appeared to be looking for were “the names of people who might have provided information to Mr. Barboza”.

There was also no evidence that sensitive emails or files on the Wen family had been accessed, or that the intruders had sought information unrelated to the Wen family, the paper said.