Washington Post discovers it has been hacked. China blamed

Graham Cluley

The Washington Post says that it discovered today that hackers had breached its computer systems, and gained access to the usernames and passwords of employees.

In all likelihood, the hackers would have planted malware onto the computers belonging to staff who work at the newspaper, opening backdoors for hackers to gain access to connected systems. No doubt one of the servers that the hackers managed to access contained login details for employees.

A report on the newspaper’s website explains that staff will be told to change their passwords “on the assumption that many or all of them may have been compromised.”

That would be extremely sensible advice.


A major concern would be that Washington Post staff might be using the same password in multiple places. If that’s the case (and let’s face it, *most* people are shamefully bad at following best practice for password security) then hackers could right now be attempting to access other accounts owned by the users – such as their email and cloud storage accounts.

If Chinese hackers are indeed responsible for the intrusion, then there will naturally be suspicion that the motivation for the hack was to gather information about Chinese dissidents and others who oppose the authorities in Beijing.

For this reason, it really is essential that journalists who cover sensitive topics practice good security, and take every step possible to protect the identity of their sources from falling into the wrong hands.

Of course, it must be remembered that it is extremely difficult to prove who is behind an internet attack like this. That’s because it’s so easy to use compromised computers around the world to route attacks through – disguising the true origin.

Even if China is identified as the starting point of an attack – it doesn’t necessarily prove that the hack was backed by the Chinese government or intelligence services. It could just as easily be a group of skilled, patriotic Chinese hackers upset with how the US media portrays its government.

But let’s not be too naive. In all probability, this attack was sanctioned by Beijing. Although some conspiracy theorists may wonder – in the current climate – if it wasn’t the NSA instead!

Of course, this isn’t the first time that hackers have broken their way into computer servers at The Washington Post. Earlier this year reports emerged that the paper had unknowingly had its servers infiltrated by Chinese hackers for some years.

And in August, the notorious Syrian Electronic Army managed to redirect the newspaper’s online readers to the hacking group’s website instead.



Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy.
