So, whodunnit? Last week, The New York Times, The Washington Post and The Wall Street Journal reported that their networks had been hacked. All three were quick to blame China.
The New York Times cited the type of malware and techniques used as evidence of China's involvement. During the attack, which lasted more than four months, hackers stole the corporate passwords for every employee at the paper. These were then used to get onto the personal computers of 53 employees. The hacking took place while the newspaper was investigating China's premier Wen Jiabao and the billions of dollars that his relatives have amassed. China has denied any involvement in the hacking.
Mandiant, a security firm in Alexandria, Virginia, was hired by the paper to investigate and found that the hackers sent their attacks through a number of US universities to hide the source. The paper said this pattern matched an attack on Gmail that was eventually traced back to two educational institutions in China, one with alleged ties to the Chinese military, although they denied any involvement in the attacks at the time.
And don't be so fast to accuse, says Jeffrey Carr, CEO of digital security consultancy Taia Global. "The Times made no distinction between state and non-state. You can't rule China out, but you could have Chinese hackers operating outside of any official activity," he says.
Carr points out that the entire body of evidence is shaky, and says he wants to see standards of proof for online crimes that have been agreed by the whole information security industry.
"This is important. US senators and congressmen are not equipped to do any thinking about cybersecurity – it's all prejudice and knee jerk. They read a headline in the New York Times and they make policy. That's horrible."
Twitter also came under attack last week, when 250,000 usernames and passwords were stolen. The company named no names, but referred to an "extremely sophisticated" attack, adding that "other companies and organisations have also been recently similarly attacked".
If you would like to reuse any content from New Scientist, either in print or online, please contact the syndication department first for permission. New Scientist does not own rights to photos, but there are a variety of licensing options available for use of articles and graphics we own the copyright to.
All comments should respect the New Scientist House Rules. If you think a particular comment breaks these rules then please use the "Report" link in that comment to report it to us.
If you are having a technical problem posting a comment, please contact technical support.
China gets the blame for hacking spree
This article
China gets the blame for hacking spree
can be opened in url
http://newsstonefish.blogspot.com/2013/02/china-gets-blame-for-hacking-spree.html
China gets the blame for hacking spree
