Some serious security news broke late Wednesday night when The New York Times issued a report saying it was on the receiving end of a four-month hacking attack from China after publishing an investigative report on Chinese Premier Wen Jiabao’s family finances. Early Thursday morning, China meanwhile said it was “groundless” to suggest any state-endorsed program of hacking. Symantec, which makes the security software that the publication relied on to protect itself, also denied blame.
“The competent Chinese authorities have already issued a clear response to the groundless accusations made by the New York Times,” Foreign Ministry spokesman Hong Lei told reporters in Beijing, according to the AFP. “To arbitrarily assert and to conclude without hard evidence that China participated in such hacking attacks is totally irresponsible. China is also a victim of hacking attacks. Chinese laws clearly forbid hacking attacks, and we hope relevant parties takes a responsible attitude on this issue.”
The statement is very similar to previous ones issued by Chinese authorities when the country’s government is blamed for an online attack. While the NYT did not specifically finger the Chinese government, the publication did say that the computer experts it hired found “the attacks started from the same university computers used by the Chinese military to attack United States military contractors in the past.”
The publication’s report also suggested Symantec’s security software solution was incompetent. The attackers managed to install 45 pieces of “custom malware” over the course of three months, but The Times said it “found only one instance” by the means of Symantec’s antivirus products, which identified an attacker’s software as malicious and quarantined it. Symantec has countered by saying the publication used the wrong software.
“Advanced attacks like the ones the New York Times described in the following article, (http://nyti.ms/TZtr5z), underscore how important it is for companies, countries and consumers to make sure they are using the full capability of security solutions,” Symantec said in a statement. “The advanced capabilities in our endpoint offerings, including our unique reputation-based technology and behavior-based blocking, specifically target sophisticated attacks.
Turning on only the signature-based anti-virus components of endpoint solutions alone are not enough in a world that is changing daily from attacks and threats. We encourage customers to be very aggressive in deploying solutions that offer a combined approach to security. Anti-virus software alone is not enough.”
Denying and mitigating the blame is standard procedure in stories like this one. The truth is, while one party can be blamed for the attack, there are multiple parties that can improve their security systems to fight back.
Update: The Wall Street Journal has reported a similar story today, stating that “its computer systems had been infiltrated by Chinese hackers for the apparent purpose of monitoring the newspaper’s China coverage.” Furthermore, the “Journal on Thursday completed a network overhaul to bolster security.”
Image credit: Vorarlberg