Establishing Digital Trust: Don't Sacrifice Security for Convenience
"The Post attack was first discovered in 2011 even though the hackers likely first successfully hacked the paper’s systems as early as 2008," writes Slate's Daniel Politi.
"The cyberattack targeted The Post’s main information technology server and several other computers, said people familiar with the incident who spoke on the condition of anonymity to describe details the company did not release publicly," write The Washington Post's Craig Timberg and Ellen Nakashima. "These people said that sensitive administrative passwords likely were compromised, giving hackers potentially wide-ranging access to The Post’s systems before the computers were taken offline and enhanced monitoring was put in place to prevent a recurrence."
A former Post employee told Krebs on Security's Brian Krebs that at least three servers and several desktops were compromised. "They transmitted all domain information (usernames and passwords)," the employee said. "We spent the better half of 2012 chasing down compromised PCs and servers. [It] all pointed to being hacked by the Chinese. They had the ability to get around to different servers and hide their tracks. They seemed to have the ability to do anything they wanted on the network."https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
"Mandiant, a cybersecurity firm used by the paper, has provided a possible motive for the attacks," writes SmartCompany's Andrew Sadauskas. "'[Chinese government hackers] want to know who the sources are, who in China is talking to the media. ... They want to understand how the media is portraying them -- what they’re planning and what’s coming,' Mandiant vice president Grady Summers says."