China’s Hacking of NY Times Recalls Another Attack in 1998
There’s going to be an awful lot to say about the massive hacking effort by attackers thought to reside in China that rocked the New York Times last year. And much of what can be said is already there in the longish takeout on the incident on today’s front page.
If you haven’t read it yet, I’ll spare you the effort. Last fall, the Times was getting ready to publish a lengthy report about how relatives of Chinese premier Wen Jiabao had amassed a sizable fortune. Knowing China’s reputation for carrying out hacking attacks against companies and other entities that annoy it, Times executives had the foresight to have the company’s Internet service provider watch for any unusual activity.
Predictably, it showed up. It was a classic spear-phishing attack that contained a remote access tool, packaged in an email attachment innocently opened by an employee. The incident provided the Times and the security firm it hired, Mandiant, the opportunity to watch the intruders’ activity for an extended period of time as they roamed the network. Once Mandiant had a pretty good idea of all the different paths for getting in and out, they shut down and isolated all the affected machines, plugged all the holes and that was that.
Interesting. But it’s not the first time the Times has been hacked in a high-profile manner. The story reports that the first attack occurred on Sept. 13. That’s a notable date because it is, coincidentally, the 15-year anniversary of the day in 1998 that the New York Times Web site was attacked by a hacking group calling itself Hacking for Girliez.
I wrote about that attack for Wired. The attack was a basic Web defacement. The Times front page was replaced with another page (you can see the results, not completely safe for work, here) that contained within its HTML code a rambling message about the then-jailed hacker Kevin Mitnick, and a weird poem.
No one was ever arrested for the attack and it’s a pretty sure bet no one ever will be, mainly because the statute of limitations would have long expired. But someone did get the perpetrators to sit for an interview. Adam Penenberg, then a writer for Forbes and now an editor for PandoDaily, got “Slut Puppy” and “Master Pimp” to answer some questions. Their motivation at the time? They were bored and couldn’t agree on a video to watch.
The 1998 attack was the first incident for the Times, and for a little while its entire Web site was taken down in order to prevent the display of the hacked page. The timing of this attack probably has nothing to do with this latest attack. But then again, hackers of all stripes are known for long memories and a unique sense of humor.