The Guardian is reporting News Corp cyber-attack: firm says it believes hack linked to China.
News Corp was the target of a hack that accessed emails and documents of journalists and other employees, an incursion the company’s cybersecurity consultant said was likely meant to gather intelligence to benefit China’s interests.
The attack, discovered on Jan. 20, affected a number of publications and business units including The Wall Street Journal and its parent Dow Jones; the New York Post; the company’s U.K. news operation; and News Corp headquarters, according to an email the company sent to staff Friday.
News Corp said it notified law enforcement and hired cybersecurity firm Mandiant Inc. to support an investigation.
“Mandiant assesses that those behind this activity have a China nexus, and we believe they are likely involved in espionage activities to collect intelligence to benefit China’s interests,” said David Wong, vice president of incident response at Mandiant.
Experts Comments
It’s time to remind ourselves that there is always more information to be discovered after the initial disclosure of a cyber attack like this one. We should expect that the information shared today isn’t the full story.
Cyber attack attribution is extremely difficult, and while the casual reader may draw the conclusion here that China is responsible (which may be true), it’s worth noting the language that Mandiant uses. Mandiant states that “those behind this activity have a China nexus”
.....Read MoreIt’s time to remind ourselves that there is always more information to be discovered after the initial disclosure of a cyber attack like this one. We should expect that the information shared today isn’t the full story.
Cyber attack attribution is extremely difficult, and while the casual reader may draw the conclusion here that China is responsible (which may be true), it’s worth noting the language that Mandiant uses. Mandiant states that “those behind this activity have a China nexus” and that “they are likely involved in espionage activities to collect intelligence to benefit China’s interests.” The statement does not go as far as pointing to the Chinese government directly. The term “China nexus” and the phrase “benefit China’s interests” are both ways of softening the conclusion. In these types of reports, language matters.
On its surface, this seems like the kind of incident the newly formed Cyber Safety Review Board might investigate. This might be a test of the effectiveness of that effort, but given the international nature of News Corp, it will also test how that board addressed the inherently different borders that apply to cybersecurity.
Read LessLinkedin Message
@Tim Erlin, VP of Product Management and Strategy , provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/news-corp-journalists-emails-hacked-china-blamed
Facebook Message
@Tim Erlin, VP of Product Management and Strategy , provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/news-corp-journalists-emails-hacked-china-blamed
This is an early example of what we believe will be a broader escalation of cyberattacks by nation state actors in the coming year. Just days ago the FBI labeled Chinese cyber aggression more 'brazen and damaging' than ever before and we’re seeing that play out in real time. This is likely an intelligence gathering campaign that could have broader impacts on US journalism and politics for years to come.
Linkedin Message
@Paul Martini, CEO, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/news-corp-journalists-emails-hacked-china-blamed
Facebook Message
@Paul Martini, CEO, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/news-corp-journalists-emails-hacked-china-blamed
News Corp certainly isn't the first news organisation targeted in an espionage campaign and won't be the last. Other high profile attacks against the New York Times and Associated Press have made headlines in the past and I'd suspect many other news organisations are being targeted on a daily basis. If there is a silver lining with this latest cyberattack, it appears to be that News Corp minimised the data loss.
News Corp certainly isn't the first news organisation targeted in an espionage campaign and won't be the last. Other high profile attacks against the New York Times and Associated Press have made headlines in the past and I'd suspect many other news organisations are being targeted on a daily basis. If there is a silver lining with this latest cyberattack, it appears to be that News Corp minimised the data loss.
Linkedin Message
@Sam Curry, Chief Security Officer, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/news-corp-journalists-emails-hacked-china-blamed
Facebook Message
@Sam Curry, Chief Security Officer, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/news-corp-journalists-emails-hacked-china-blamed
Normally the Olympic seasons bring out the best in people. Sadly though, threat actors don’t sleep and are waiting to pounce thinking the guard is down on tempting targets. Given the present state of world affairs, all organizations – regardless of industry - should be operating at an increased “state of alert” as the threat environment has expanded greatly due to geopolitical issues.
As the threat environment continues to change, proper and continuous diligence is required to ensure all cyber
.....Read MoreNormally the Olympic seasons bring out the best in people. Sadly though, threat actors don’t sleep and are waiting to pounce thinking the guard is down on tempting targets. Given the present state of world affairs, all organizations – regardless of industry - should be operating at an increased “state of alert” as the threat environment has expanded greatly due to geopolitical issues.
As the threat environment continues to change, proper and continuous diligence is required to ensure all cyber defensive tools and techniques are employed to protect your most precious data assets. Continuous intelligence, monitoring, and dialogue with critical partners and suppliers should be ongoing to ensure “all is ready” in the event recovery is needed, and that additional support is available in the event something were to occur.
Read LessLinkedin Message
@Tom Garrubba, Senior Director and CISO, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/news-corp-journalists-emails-hacked-china-blamed
Facebook Message
@Tom Garrubba, Senior Director and CISO, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/news-corp-journalists-emails-hacked-china-blamed
Be part of our growing Information Security Expert Community (1000+), please register here.
We expect to see more potential nation-state led cyberattacks as tensions between Russia, China and the West increase. We urge all businesses, even those without direct links to the British government, to be extra vigilant in the coming months.
Linkedin Message
@Jamie Akhtar, CEO and Co-founder, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/news-corp-journalists-emails-hacked-china-blamed
Facebook Message
@Jamie Akhtar, CEO and Co-founder, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/news-corp-journalists-emails-hacked-china-blamed