Wall Street Journal Targeted by Chinese Hackers
By David Gilbert | February 1, 2013 9:39 PM EST
Following the revelation that the New York Times was infiltrated by Chinese hackers, the Wall Street Journal has also revealed it has been targeted by hackers affiliated with the Chinese government.
The WSJ publisher Dow Jones & Company has admitted that the paper's computer systems had been infiltrated by Chinese hackers, apparently to monitor its China coverage - the same reason the New York Times was targeted.
The WSJ has faced hacking threats from China during the past few years, people familiar with the Journal investigation said. The FBI informed the publication in the middle of 2012 that it had come across data which seemed to originate from within the network in the Journal's Beijing bureau.
Having hired consultants to investigate the matter, several groups were identified as having breached the Journal's network, though it's unclear if they were working together or not. Access was initially gained through the Beijing network and from there they gained access to the global WSJ network.
Unlike the Times attack, no mention was made of passwords of employees being compromised.
While the attack on the Times was linked to articles written about the family of prime minister Wen Jiabao, it is understood that the WSJ breach was focused initially on reporter Jeremy Page who wrote articles about the murder of British businessman Neil Heywood, in a scandal that helped bring down Chinese politician Bo Xilai.
Like the New York Times attack, once the breach was discovered investigators watched the hackers at work, to see where in the system they were looking and what information they were looking for. However the investigation was unable to determine the full extent of the information gathered.
Sources speaking to the WSJ said these types of attacks have been taking place for years, with US media companies being breached on a regular basis. One of the main reasons for hacking a reporters' computer is to help identify sources that were passing on sensitive information.
The Chinese government has come down hard on such informers in the past.
The Chinese government continues to deny any knowledge of cyber-attacks on Western media, calling the allegations "irresponsible."
Chinese Embassy spokesman Geng Shuang condemned allegations of Chinese cyber-spying, telling the WSL: "It is irresponsible to make such an allegation without solid proof and evidence," he said. "The Chinese government prohibits cyber-attacks and has done what it can to combat such activities in accordance with Chinese laws."
Yesterday, China's Ministry of National Defence called allegations by the Times "baseless and unprofessional."
Mandiant, the security experts brought in by the New York Times, said it was monitoring up to 20 different groups of hackers from China who were targeting organisations in the US and around the world.
The group which it believes carried out the attack on the New York Times, is also being tracked by US mobile network AT&T and the FBI, and is according to Mandiant, "very active" having broken into hundreds of other Western organisations, including several American military contractors.
This belief was backed up by reports from Bloomberg that it has seen unsuccessful attempts to hack into its system, while Reuters news service said it was hacked twice last August, though Reuters said it couldn't confirm the source of the attack.
"Evidence shows that infiltration efforts target the monitoring of the Journal's coverage of China and are not an attempt to gain commercial advantage or to misappropriate customer information," Paula Keve, a spokeswoman for Journal publisher Dow Jones, said in a written statement Thursday.
Data security is an "ongoing issue," Ms. Keve said. "We continue to work closely with the authorities and outside security specialists, taking extensive measures to protect our customers, employees, journalists and sources."
The security system of the Wall Street Journal has been overhauled in recent weeks with the effort being completed on Thursday before the announcement was made.
While attacks on private companies are increasing the US government is also wary of increased attacks on its infrastructure from China and elsewhere. Earlier this week it was confirmed that the US Department of Defense plans to increase its cybersecurity personnel by 4,900.
To report problems or to leave feedback about this article, e-mail:
To contact the editor, e-mail: