A short history of hacking attacks against the media

Filed Under: Fake anti-virus, Featured, Malware, Privacy, Twitter, Vulnerability

The revelation of the Chinese hacking campaign against reporters working for the New York Times has raised awareness of targeted malware attacks, but what does the history of cyberattacks against media agencies look like?

Here's a short (and definitely incomplete) list of some of the stories we have seen over the years, where news agencies have fallen foul of hackers and cybercriminals:

August 2008 A full-blown conflict between Russian and Georgian forces spills over into defacements and denial-of-service attacks against a number of websites. These include the Georgian Ministry of Foreign Affairs website - where hackers posted a collage of photographs comparing Georgian president Mikheil Saakashvili to Adolf Hitler.

One of the sites impacted by the denial-of-service attacks is the Russian news agency RIA.

May 2009 Spammers manage to hack a Twitter account belonging to the New York Times, and attempt to redirect followers to a sexy webcam site.

New York Times's fashion blog apologises for the hacking incident on Twitter

September 2009 Online readers of the New York Times are hit by fake anti-virus attacks.

New York Times warns of poisoned advert

It emerged that the hackers who exposed innocent internet users to malware had bought the poisoned advertising space on the New York Times website directly from the newspaper.

October 2009 A jobs website run by The Guardian newspaper is broken into by hackers, and users' personal information put at risk.

April 2010 New York Times journalist Andrew Jacobs claims that his Yahoo email account was hacked while he was in Beijing, forwarding all of his correspondence to a third party.

June 2010 The Jerusalem Post website is compromised, and infected with malware.

January 2011 The website of the Mail & Guardian, a weekly South African newspaper, was forced offline following attacks by hackers - said to originate from Russia.

July 2011 The notorious LulzSec hacking gang redirected British tabloid The Sun's website to their own Twitter feed, and published a story claiming that Rupert Murdoch had been found dead.

Fake news story claiming that Rupert Murdoch is dead

The Sun's report on the arrest of Ryan ClearyThe motivation for LulzSec's hack against The Sun was unclear, but it was felt that the hacking gang was still angry about the newspaper's coverage of the arrest of British teenage hacker Ryan Cleary the month before.

July 2011 The Twitter account of Fox News is hacked and publishes the (fake) news of the death of Barack Obama.

August 2011 The Sun warns its readers that if they participated in competitions on their website, they might have had their personal information stolen.

September 2011 Hackers broke into the Twitter account of NBC News, and posted messages claiming that there has been a terrorist attack at Ground Zero in New York. A Christmas Tree trojan, sent to one of NBC's journalists, is later blamed for the account being compromised.

September 2011 USA Today's Twitter account is compromised, and spews a number of messages from a group calling itself "The Script Kiddies".

November 2011 Sky News has its Twitter account hacked, and announces that News Corporation's Chief Executive and Chairman James Murdoch had been arrested by police in London. He hadn't.

Tweet from Sky News Biz account

August 2012 Pro-Syrian government messages are planted by hackers on the Reuters news service website, including a fake interview with a Syrian rebel leader. An official Reuters Twitter account is also compromised.

During the first attack, the intruder posted fake news stories on the Reuters site, including an alleged interview with a Syrian rebel leader.

December 2012 Russian news websites were hit by denial-of-service attacks on the day of the national election. One radio station, Moscow Echo, claims that its website was in an attempt to silence its report of voting irregularities.

January 2013 The New York Times says that Chinese hackers have had access to their network for four months, broken into email accounts, and stolen all employees' passwords. The Wall Street Journal also claimed that its computer systems had been infiltrated by Chinese hackers.

As you can see, most of the reported incidents don't involve shady state-sponsored cybercriminals trying to steal information from newspaper networks, but there's no denying that targeted attacks against organisations for the purposes of spying appear to have become a more common occurence.

As the threat becomes more serious, news organisations will need to realise that although they are normally in the business of distributing news - that doesn't mean that there aren't third parties interested in breaking into their systems and stealing the information which doesn't make it into the pages of the daily newspaper.

When the journalists are the hackers

Let's not forget of course, that hacking hasn't always been directed towards the journalists and their newspapers. Sometimes it's been the other way around:

, , , , ,

You might like

2 Responses to A short history of hacking attacks against the media

  1. MikeP_UK · 983 days ago

    It's amazing to see how often the Twitter and/or Facebook accounts are involved!
    Safest way to avoid being hacked by that route is not to have any such accounts. They are clearly insecure by design and often time wasting for no gain.

  2. M-Stoned · 983 days ago

    * June 2012

    Korean News website defaced and systems were destoried by North Korea

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at https://grahamcluley.com, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley