[liberationtech] Journalists' emails hacked in China

Ashni Mohnot ashni.mohnot at gmail.com
Wed Mar 31 17:45:07 PDT 2010 

http://www.nytimes.com/2010/03/31/world/asia/31china.html

Journalists’ E-Mails Hacked in China By ANDREW
JACOBS<http://topics.nytimes.com/top/reference/timestopics/people/j/andrew_jacobs/index.html?inline=nyt-per>

BEIJING — In what appears to be a coordinated assault, the e-mail accounts
of more than a dozen rights activists, academics and journalists who cover
China<http://topics.nytimes.com/top/news/international/countriesandterritories/china/index.html?inline=nyt-geo>have
been compromised by unknown intruders. A Chinese human rights
organization also said that hackers disabled its Web site for a fifth
straight day.

The infiltrations, which involved
Yahoo<http://topics.nytimes.com/top/news/business/companies/yahoo_inc/index.html?inline=nyt-org>e-mail
accounts, appeared to be aimed at people who write about China and
Taiwan, rendering their accounts inaccessible, according to those who were
affected. In the case of this reporter, hackers altered e-mail settings so
that all correspondence was surreptitiously forwarded to another e-mail
address.

The attacks, most of which began last Thursday, occurred the same week that
Google<http://topics.nytimes.com/top/news/business/companies/google_inc/index.html?inline=nyt-org>angered
the Chinese government by routing Internet search engine requests
out of the mainland to a site in Hong Kong. Google said the move was
prompted by its objections to censorship rules and by a spate of attacks on
Google e-mail users that the company suggested had originated in China.

Those cyberattacks, which began as early as last April, affected dozens of
American corporations, law firms and individuals, many of them rights
advocates critical of China’s authoritarian government.

The victims of the most recent intrusions included a law professor in the
United States, an analyst who writes about China’s security apparatus and
several print journalists based in Beijing and Taipei, the capital of
Taiwan.

“It’s very unsettling,” said Clifford Coonan, the China correspondent for
Variety magazine, whose e-mail account was rendered inaccessible last week
after Yahoo detected that someone had gained access to it remotely. “You
can’t help but wonder why you’ve been targeted.”

In an e-mail exchange, Dana Lengkeek, a Yahoo spokeswoman, declined to
discuss the incidents, citing company policy. “We are committed to
protecting user security and privacy and we take appropriate action in the
event of any kind of breach,” Ms. Lengkeek said.

Kathleen McLaughlin, an American freelance journalist in Beijing who sits on
the board of the Foreign Correspondents' Club of China, said the group has
confirmed that 10 journalists, including herself, had their accounts
compromised.

Like the others, said she received a message from Yahoo on Thursday
indicating that her account had been disabled because, according to an
automated message, "we have detected an issue with your account."

She said she contacted Yahoo but has yet to receive an explanation of what
happened. “Someone is clearly targeting journalists,” she said. “It makes me
feel very uncomfortable.”Yahoo, which in 2005 sold its China operations to
the Chinese e-commerce company Alibaba, has faced criticism for cooperating
with government security officials in the past. In 2004, Yahoo turned over
data that officials used to help prosecute several dissidents. One, a
journalist named Shi Tao, was later given a 10-year sentence for leaking a
secret propaganda directive.

Although the company owns a 39 percent stake in Alibaba, Ms. Lengkeek, the
Yahoo spokeswoman, stressed that Yahoo no longer has operational control
over the China business.

Unlike services offered by Google and Microsoft, Yahoo emails sent to and
from China travel through Chinese servers, a factor that has driven many
privacy-conscious users away from Yahoo's e-mail services.

Computer security experts say infiltration of Yahoo’s e-mail service once
again highlights the challenges that Internet companies face in protecting
their customers from hackers.

Paul Wood, a senior analyst at the Symantec
Corporation<http://topics.nytimes.com/top/news/business/companies/symantec_corporation/index.html?inline=nyt-org>,
said a growing number of malignant viruses were tailored to specific
recipients, with the goal of tricking them into opening attachments that
would insert malware onto their computers. Mr. Wood said his company, which
designs anti-virus software, now blocks about 60 such attacks each day, up
from 1 or 2 a week in 2005. “They’re very well crafted and extremely
damaging,” he said.

A report <http://www.messagelabs.com/resources/mlireports.aspx> issued by
Symantec on Monday found that nearly 30 percent of attacks originated from
computers in China; about 20 percent of those came from Shaoxing, a
relatively obscure city in Zhejiang Province previously known for
winemaking.

Mr. Wood and other experts point out that attacks appearing to come from a
certain location can just as easily be emanating from computers infected
with botnets, a virus that allows them be controlled remotely by other
computing systems.

It is this kind of rogue software that is probably responsible for crippling
the Web site of Chinese Human Rights Defenders <http://crd-net.org/>, a
group that has been an assertive critic of China’s human rights violations.
Since last Thursday, the group’s Chinese-language site has been overwhelmed
by hackers flooding it with junk requests, a tactic known as denial of
service. Although the site has been attacked before, the attacks did not
last more than a few hours.

Renee Xia, the international director for the human rights group, said the
assault began the same day the American company that is host to its site, Go
Daddy, announced that it would stop registering domain names in China.
“Maybe it’s a coincidence, but we don’t think so,” Ms. Xia said.

Google Finds New Cyberattack

SAN FRANCISCO — Google said Tuesday that it had discovered a cyberattack
aimed at Vietnamese Internet users around the world. The attack was less
sophisticated than those that originated in China and appeared to be aimed
at Chinese human rights activists.

Google said the attack may have infected the computers of tens of thousands
of people who downloaded Vietnamese keyboard language software.

An earlier version of this article referred incorrectly to the year in which
Yahoo turned some data over to Chinese officials, and also to the company's
relationship to Alibaba, the Chinese e-commerce company. The data was handed
over in 2004, not 2006. In 2005, the company sold its China operations to
Alibaba.


-- 
Ashni Mohnot
http://www.linkedin.com/in/ashnimohnot
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20100331/187d8e09/attachment.html>

More information about the liberationtech mailing list