The Washington Post Is Hacked Again, and Again China Is Suspected
In a story that’s becoming disturbingly familiar, the paper disclosed that the security research firm Mandiant had discovered the latest attack. It occurred on a server used by the Post’s overseas reporters, and then spread to other servers. Employees are being asked to change both their user names and passwords.
The Post has been among several news organizations targeted by attacks in recent years. Earlier this year, the New York Times discovered a significant breach of its systems, but, working with Mandiant, allowed the attackers to wander freely on the network in order to study their intent and methods before locking them out. At the same time, other organizations — including The Wall Street Journal (which like this website is owned by News Corp) and Bloomberg News — also revealed that they had been attacked.
The latest attack didn’t last long, and suspicion quickly fell on China, though the Post didn’t disclose what leads to that conjecture. In February, the world learned that China has a dedicated unit of its Army that is thought to conduct ongoing cyber espionage. Known as Unit 61398, it is said to operate out of a single building in Shanghai, and is thought to have penetrated the systems of at least 141 companies dating back to 2006.
But it’s not always China. Earlier this year, the Post and the Times were both hit by the Syrian Electronic Army, a pro-Assad group of digital pranksters. The Times website actually went down for some people for the better part of two days in August. Earlier that month, the group claimed responsibility for an attack that redirected links on some Washington Post Web pages to pages with pro-Assad propaganda messages.