Major US News Publisher Breached, Chinese Supply-Chain Attack Suspected

The Associated Press reports:

News Corp., publisher of The Wall Street Journal, said Friday that it had been hacked and had data stolen from journalists and other employees, and a cybersecurity firm investigating the intrusion said Chinese intelligence-gathering was believed behind the operation.

The Journal, citing people briefed on the intrusion, reported that it appeared to date back to February 2020 and that scores of employees were impacted. It quoted them as saying the hackers were able to access reporters' emails and Google Docs, including drafts of articles. News Corp., whose publications and businesses include the New York Post and Journal parent Dow Jones, said it discovered the breach on Jan. 20. It said customer and financial data were so far not affected and company operations were not interrupted. But the potential impact on news reporting and sources was a serious concern.

News organizations are prime targets for the world's intelligence agencies because their reporters are in constant contact with sources of sensitive information. Journalists and newsrooms from Mexico and El Salvador to Qatar, where Al-Jazeera is based, have been hacked with powerful spyware.

Mandiant, the cybersecurity firm examining the hack, said in a statement that it 'assesses that those behind this activity have a China nexus, and we believe they are likely involved in espionage activities to collect intelligence to benefit China's interests....' FBI Director Christopher Wray said in a speech this week that the bureau opens investigations tied to suspected Chinese espionage operations about every 12 hours, and has more than 2,000 such probes. He said Chinese government hackers have been pilfering more personal and corporate data than all other countries combined. While state-backed Russian hacking tends to get more headlines, U.S. officials say China has been stealthily stealing far more valuable commercial and personal data over the past few decades as digital technology took hold.

CBS News reports that 'preliminary findings point to a supply chain hack,' since News Corp wrote in its report that they'd discovered one of the third-party providers supporting their technology and 'cloud-based' systems 'was the target of persistent cyberattack activity.'

The Associated Press adds that major newsrooms have also been compromised previously, including a 2013 cyberespionage attack against the New York Times in 2013. A former information security executive at the paper explaining 'that while major newsrooms have shown a lot of progress in the last few years in helping their journalists navigate an increasingly hostile digital world, those efforts are not adequate to defend against a skilled and determined adversary like China.'

Read more of this story at Slashdot.