Symantec Pushes Back Against New York Times Hacking Report

Chinese hackers managed to penetrate the cyber-defenses of The New York Times, the newspaper claims, and break into the e-mail accounts of reporters investigating the family of Chinese prime minister Wen Jiabao.

The Times detailed its assertions in a long article posted to the front of its Website Jan. 30. The attacks apparently began in early September, as the probe into Wen’s family approached its conclusion. While the hackers could have “wrecked havoc on our systems,” according to Times CIO Marc Frons, they focused on infiltrating dozens of employee computers.

The Times relies on antivirus software from Symantec, which only managed to detect and quarantine one of the 45 pieces of malware installed by the attackers.

Using that custom malware, the attackers managed to siphon data from the e-mail accounts of Times’ Shanghai bureau chief David Barboza and South Asian bureau chief Jim Yardley. They seemed particularly interested in Barboza’s research, including the names of sources.

“Attackers no longer go after our firewall,” Michael Higgins, the Times chief security officer, told the newspaper. “They go after individuals. They send a malicious piece of code to your e-mail account and you’re opening it and letting them in.”

The Times investigation into Wen’s family described its incredible wealth, concluding—based on extensive digging through public records—that his relatives have billions of dollars in assets.

Soon after the Times published its account of the hacking, Symantec fired off a statement about its software’s apparent failure to protect the newspaper’s IT infrastructure from malware.

“The advanced capabilities in our endpoint offerings, including our unique reputation-based technology and behavior-based blocking, specifically target sophisticated attacks,” that statement read. “Turning on only the signature-based anti-virus components of endpoint solutions alone are not enough in a world that is changing daily from attacks and threats.”

Symantec added: “We encourage customers to be very aggressive in deploying solutions that offer a combined approach to security. Anti-virus software alone is not enough.”

In the meantime, Times executives anticipate future cyber-attacks.


Image: Erika Cross/