Twitter announced this weekend that around 250,000 of its users’ accounts have been accessed by unauthorized sources. Affected accounts may have had their usernames, email addresses, session ID’s, and passwords compromised by the hackers.
To prevent further intrusion, Twitter has reset the passwords of all impacted users and sent an e-mail alert notifying them they would have to change their passwords. The social media giant does not believe the hackings were the work of amateurs, nor that it was an isolated incident; this declaration comes shortly after similar ones from both the New York Times and Wall Street Journal.
Both the Times and the Journal attribute their hackings to sources in China with links to the country’s government. According to the Wall Street Journal, Chinese hackers have been targeting major US media companies for years, predominantly for the purpose of monitoring their coverage of China. By spying on system files and company e-mails, the government is sometimes able to identify would-be anonymous sources who aid reporters on issues that are considered sensitive by China’s communist party; these sources sometimes become hard to contact after the hackings occur. Authorities have been known to punish citizens for giving information to foreign reporters.
It is believed that the goals of the hackings range from insider trading and spying on industry to tracking information which could be harmful to China’s ruling class. James Lewis, an advisor to US officials on cyber security, says "The Communist Party really fears information and they can see their control unraveling as people read about corruption and officials with huge bank portfolios… information is an existential threat to these regimes."
Lewis’ description falls in line with the New York Times report that it has been the subject of consistent hackings for four straight months, following a story it ran on Chinese Prime Minister Wen Jiabao’s family amassing a fortune worth billions of dollars through various business dealings. The method of the attacks—which were used to gain access to the e-mail account of the reporter who wrote the story on Wen Jiabao, as well as account and password information of many other employees—exhibited traits security experts have come to associate with the Chinese military.
As has been the case with many previous attacks, including those on US military contractors, the hackers first gained access to the computers of various American universities with the use of malware, then routed their hackings through the schools in an unsuccessful attempt to disguise their true origin.
These are only the latest happenings in a series of attacks on US media. Last year, Bloomberg News had been the subject of Chinese interest after it published an article on the accumulation of wealth by then-Vice President Xi Jingping, though the hackers failed to compromise any of Bloomberg’s systems at the time.
Google and EMC have both been breached by the Chinese government, and Dow Jones & Co. announced on Thursday that its systems had also been infiltrated by hackers to monitor coverage on China. A US congressional report from October also warned businesses to be weary of Chinese telecommunications companies, which are believed to have been engaged in espionage on behalf of their government.
Despite the trail of digital breadcrumbs leading directly back to China, much of the exhibited behavior being characteristic of the country’s hackers, and the primary concerns of the hackers while rummaging around in the New York Times and Dow Jones’ systems being reports on China and the corruption of its officials, the country has denied any involvement in the attacks.
Geng Shuang, the spokesperson of the Chinese Embassy, has said “It is irresponsible to make such an allegation without solid proof and evidence… The Chinese government prohibits cyberattacks and has done what it can to combat such activities in accordance with Chinese laws." When asked about the evidence which lead directly back to China, the country’s Ministry of National Defense stated “Chinese laws prohibit any action including hacking that damages Internet security… to accuse the Chinese military of launching cyberattacks without solid proof is unprofessional and baseless.”
That China would not implicate itself by admitting to these actions is unsurprising, but it has not offered an explanation for the evidence pointing in its direction.