For the last four months, Chinese hackers have persistently attacked The New York Times, infiltrating its computer systems and getting passwords for its reporters and other employees.
The timing of the attacks coincided with the reporting for a Times investigation, published online on Oct. 25, that found that the relatives of Wen Jiabao, China’s prime minister, had accumulated a fortune worth several billion dollars through business dealings.
The article contains many more details than we usually see about these incidents. Pure APT, and I had Mandiant pegged as the responders by the second paragraph. Of greater interest AT&T’s role in initially identifying the attack.
Some in the security community, especially researchers, like to dismiss APT, but there is no question that China (and others, including the US) are engaging in massive attack campaigns. The key difference is that China is brazen and appears to target anyone in the public who private sector who comes anywhere near their radar screen. This includes companies far smaller than the Times.
Until there are consequences for these actions, don’t expect anything to slow down. Gumming up the Huawei deal doesn’t come close to a material consequence.
Update: Looks like the Wall Street Journal is also under persistent attack from China.