The Washington Post says that it discovered today that hackers had breached its computer systems, and gained access to the usernames and passwords of employees.
In all likelihood, the hackers would have planted malware onto the computers belonging to staff who work at the newspaper, opening backdoors for hackers to gain access to connected systems. No doubt one of the servers that the hackers managed to access contained login details for employees.
A report on the newspaper’s website explains that staff will be told to change their passwords “on the assumption that many or all of them may have been compromised.”
That would be extremely sensible advice.
Sign up to our newsletterA major concern would be that Washington Post staff might be using the same password in multiple places. If that’s the case (and let’s face it, *most* people are shamefully bad at following best practice for password security) then hackers could right now be attempting to access other accounts owned by the users – such as their email and cloud storage accounts.
If Chinese hackers are indeed responsible for the intrusion, then there will naturally be suspicion that the motivation for the hack was to gather information about Chinese dissidents and others who oppose the authorities in Beijing.
For this reason, it really is essential that journalists who cover sensitive topics practice good security, and take every step possible to protect the identity of their sources from falling into the wrong hands.
Of course, it must be remembered that it is extremely difficult to prove who is behind an internet attack like this. That’s because it’s so easy to use compromised computers around the world to route attacks through – disguising the true origin.
Even if China is identified as the starting point of an attack – it doesn’t necessarily prove that the hack was backed by the Chinese government or intelligence services. It could just as easily be a group of skilled, patriotic Chinese hackers upset with how the US media portrays its government.
But let’s not be too naive. In all probability, this attack was sanctioned by Beijing. Although some conspiracy theorists may wonder – in the current climate – if it wasn’t the NSA instead!
Of course, this isn’t the first time that hackers have broken their way into computer servers at The Washington Post. Earlier this year reports emerged that the paper had unknowingly had its servers infiltrated by Chinese hackers for some years.
And in August, the notorious Syrian Electronic Army managed to redirect the newspaper’s online readers to the hacking group’s website instead.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.
