Hackers that are believed to be acting at the behest of the Chinese government infiltrated the WSJ’s computer systems in order to gather surveillance data on reporters covering China, publisher Dow Jones said, ostensibly to identify sources for articles. The effort almost precisely echoes the attack on the New York Times.
"Evidence shows that infiltration efforts target the monitoring of the Journal's coverage of China and are not an attempt to gain commercial advantage or to misappropriate customer information," Paula Keve, a spokeswoman for Journal publisher Dow Jones, said in a statement Thursday.
Beijing bureau targets included Beijing Bureau Chief Andrew Browne and Jeremy Page, who investigated the murder of British businessman Neil Heywood. Those stories prompted a scandal that helped bring down Chinese politician Bo Xilai.
The FBI notified the paper of a potential breach of its Beijing computer network last summer, after which the WSJ hired consultants to investigate. The Journal embarked upon an ongoing investigation, during which it “uncovered a major breach,” in which hacking groups that may or may not have been working together entered the company's networks in China, and from there spread into the global system.
Over the course of its investigation, a “probe watched where the hackers went within the Journal's computer networks, what information they were interested in and how deeply they had penetrated,” the WSJ reported. “A number of computers were totally controlled by outside hackers, who had broad access across the Journal's computer networks.” In the aftermath, the Journal has been overhauling its network security.
Jason Steer, EMEA product manager and architect at FireEye, noted that media companies are going to need to up their game.
“With the odds stacked against businesses, it is vital that companies – particularly those with intellectual property and other highly sensitive assets to protect – are taking into account the advanced, targeted nature of today’s threat,” he said in a statement to Infosecurity. “As we can see, hackers of varying levels have become very adept at overcoming traditional forms of security. A comprehensive strategy that includes both traditional and proactive signature-less solutions is the only way to truly bolster defenses against attackers.”
Citing unnamed sources, the Journal reported that the FBI has been probing media hacking incidents, which investigators believe is “part of a long-running pattern by a foreign entity to compromise the security of major U.S. companies.” In addition to the WSJ and the New York Times, the Associated Press and Bloomberg News have been targeted in the last 12 months.
The Chinese response denied involvement. "It is irresponsible to make such an allegation without solid proof and evidence," said Chinese Embassy spokesman Geng Shuang, in a statement to the paper. "The Chinese government prohibits cyberattacks and has done what it can to combat such activities in accordance with Chinese laws."