A hack on journalists shows the breadth of China's espionage efforts
A multiyear email breach at News Corp. publications shows the massive scope of Chinese hackers’ intelligence gathering.
The hackers, who are likely tied to the Chinese government, gained access to emails and documents from reporters and others at publications including the Wall Street Journal, the New York Post and News UK, Aaron Gregg and Eva Dou report. They were rooting around in those systems since at least February, 2020, the Journal’s Alexandra Bruell, Sadie Gurman and Dustin Volz report.
“There is just no country that presents a broader threat to our ideas, our innovation, and our economic security than China,” FBI Director Christopher Wray said in a speech last week, in which he described over 2,000 FBI investigations focused on Chinese theft of U.S. data.
The News Corps. hackers accessed documents that would be of high interest to Chinese officials including those related to stories about Taiwan, China’s Uyghur Muslim minority which the White House has said are the focus of Beijing-backed human rights abuse, and Biden administration efforts to ramp up protections against Chinese technology, Dustin noted on Twitter.
The hacks affected “scores of reporters,” some of whom had documents compromised related to 20 or more news stories, he said.
The Journal has notified reporters about specific stories that were compromised, the paper said. The investigation so far suggests subscriber information wasn’t breached.
There’s no definitive evidence China was behind the breach, but there’s a clear “China nexus,” said David Wong, vice president of the cyber firm Mandiant, which is helping News Corp. respond to and remediate the breach. He described the hackers as “likely involved in espionage activities to collect intelligence to benefit China’s interests.”
Despite the huge breadth of Chinese cyber activity, the nation has typically shrugged off claims about specific hacks — often arguing it's too difficult to prove anyone's responsible for anything in the shadowy world of cyberspace. U.S. officials dispute that claim and some industry reports have provided highly detailed evidence of Chinese hacking operations.
In this case, Chinese embassy spokesman Liu Pengyu denied Chinese involvement, saying China “firmly opposes and combats cyberattacks and cyber theft in all forms.”
“We hope that there can be a professional, responsible and evidence-based approach to identifying cyber-related incidents, rather than making allegations based on speculations,” he said.
The good news: The hack appears to be limited to emails and Google docs including some reporters' article drafts. That means the hackers likely didn’t access the most sensitive conversations with sources, which security experts urge reporters to conduct using encrypted messaging apps.
However: Sensitive information can certainly creep into reporters’ emails, either because of accidents or carelessness or because analysts can deduce such information by putting together otherwise innocuous clues.
“You can draw some pretty good inferences from a pattern of email behavior,” a Journal staffer told CNN’s Oliver Darcy when describing a sense of alarm among staffers at the newspaper.
This is just the latest China-linked hack to hit media.
- China-linked hackers penetrated both the New York Times and the Wall Street Journal in 2013, focused at least in part on monitoring the newspapers’ China coverage.
- A 2015 China-linked hack of information from more than 20 million current and former federal employees at the Office of Personnel Management also scooped up information about numerous reporters who were accredited to enter federal buildings.
Media has been a target for other governments as well.
- Iranian efforts to influence the 2020 election included attempting to break into the computers of a company that manages content management systems for numerous U.S. newspapers, according to Justice Department indictments. The Wall Street Journal identified the company as Lee Enterprises, which owns the Richmond Times-Dispatch and the Omaha World-Herald among other newspapers.
- Pegasus spyware developed by the Israeli company NSO Group has routinely been used to target journalists working in repressive nations as well as political dissidents and civil society activists, according to an investigation by The Post and media partners.
North Korea stole tens of millions of dollars in cryptocurrency as it ramped up missile program, the U.N. reports
The country stole more than $5 million in cryptocurrency from exchanges in North America, Europe and Asia, a U.N. member state told sanctions experts who monitor North Korea. Cyberattacks, particularly with the goal of stealing cryptocurrency, “remain an important revenue source” for Pyongyang, they said in a confidential report seen by Reuters’s Michelle Nichols.
Sanction monitors also cited a report by cryptocurrency analysis firm Chainalysis that found that North Korean hackers stole almost $400 million in digital assets last year.
The report comes in the wake of a busy month for North Korea’s missile program, which carried out nine tests in January. North Korea has “demonstrated increased capabilities for rapid deployment, wide mobility (including at sea), and improved resilience of its missile forces,” the monitors said.
Defense contractors’ spotty cybersecurity records may spell trouble for new Pentagon rules
A Pentagon review of 220 defense contractors found that three-fourths don’t currently meet cybersecurity standards for protecting weapons systems, README’s Shaun Waterman reports. That could pose problems for the Biden administration’s plans to roll out similar rules to more than 200,000 companies that do business with the Pentagon.
The new rules are “the latest and most ambitious Pentagon effort to stanch a wave of hacking attacks by U.S. adversaries against defense contractors going back more than a decade, which has led to the hemorrhaging of confidential weapons design and other data,” Waterman writes. The rules could go into effect within two years.
A government program to reimburse companies to “rip and replace” Huawei and ZTE equipment could cost as much as $5.6 billion
The Federal Communications Commission received more than 180 applications for FCC reimbursements under the program which aims to replace telecom equipment that might be especially vulnerable to Chinese hacking and spying, FCC chairwoman Jessica Rosenworcel said. The new price tag is nearly $4 billion more than what the FCC originally estimated the effort costing in September 2020, the Verge’s Mitchell Clark reports.
The U.S. government has said Chinese companies Huawei and ZTE pose risks to national security, arguing that they could be used by China’s government to spy on Americans. The companies dispute the claims.
Congress still has to allocate funding for the reimbursement program, Clark reports. The FCC is reviewing applications by telecommunications companies, so it’s possible that the final cost of the program will change.
Hill happenings
Supporters and opponents are mobilizing around the EARN IT Act
The Senate Judiciary Committee is set to debate the bill this Thursday, which would hike tech firms' liability when their users share child pornography and which cybersecurity advocates fear could result in weakening encryption.
- The legislation’s supporters are touting a letter from more than 250 organizations supporting the bill, which primarily focus on opposing child exploitation.
- The Internet Society joined encryption advocacy groups such as the Electronic Frontier Foundation in blasting the proposal, saying it could pave the way for weakened end-to-end encryption, which prevents people besides the recipient and sender from reading messages.
A version of the bill has also been introduced in the House.
Global cyberspace
Industry report
Cyber insecurity
Securing the ballot
Software developer Ryan Macy and the information security consultant who goes by the handle “Corgi” offered an inside look at a marriage where one partner builds software and the other is in cybersecurity.
- Yevheniya Kravchuk, the deputy chairwoman of the Ukrainian parliament’s humanitarian and information policy committee, discusses Russian disinformation at a Transatlantic Task Force on Ukraine event Tuesday at 10 a.m.
- David Nalley, the president of the Apache Software Foundation, testifies at a Senate Homeland Security Committee hearing on a vulnerability in the Apache log4j library on Tuesday at 10 a.m.
- National Cyber Director Chris Inglis, CISA Chief of Staff Kiersten Todt and Principal Associate Deputy Attorney General John Carlin speak at the Cyber Initiatives Group’s first-quarter summit Wednesday.
- The Securities and Exchange Commission is set to consider new cybersecurity rules for investment advisers and companies at a meeting Wednesday at 10 a.m.
- The Senate Judiciary Committee is expected to discuss the EARN IT Act at a meeting Thursday at 9 a.m. The bill, which would remove social media sites’ liability protections when users share child pornography, has come under fire from encryption and privacy advocates.
- INSF and WCAPS host an event on challenges and opportunities for Black women in the intelligence community Thursday at 11 a.m.
Secure log off
Thanks for reading. See you tomorrow.
"corp" - Google News
February 07, 2022 at 07:34PM
https://ift.tt/R9PtUkZ
Analysis | The News Corp breach illustrates how badly China wants to hack the U.S. - The Washington Post
"corp" - Google News
https://ift.tt/lNB8JCK
Shoes Man Tutorial
Pos News Update
Meme Update
Korean Entertainment News
Japan News Update
Bagikan Berita Ini
0 Response to "Analysis | The News Corp breach illustrates how badly China wants to hack the U.S. - The Washington Post"
Post a Comment