The New York Times exposes a cyber attack, for whatever that's worth

The New York Times exposes a cyber attack, for whatever that’s worth

A view of the New York Times building in New York in December 2008. The newspaper reported Thursday that hackers with likely ties to the Chinese military allegedly infiltrated several of its computers over the last four months, possibly in connection with a series of stories it ran on the fortunes amassed by family members of outgoing Chinese Prime Minister Wen Jiabao.

By Jon Healey

Jan. 31, 2013 12 AM PT

The New York Times published a chilling report Wednesday that its computer network had been under prolonged, sophisticated attack by hackers apparently based in China. I say “chilling” because the hackers’ most likely goal was to identify the sources behind a particularly sensitive Times expose: the revelations about the wealth accumulated by relatives of Chinese Prime Minister Wen Jiabao. If people in China (or anywhere else, for that matter) come to believe they can’t talk to journalists without being hunted down by the authorities, they’ll stop blowing the whistle on crime and corruption.

Two things struck me about the Times’ piece. The first was the well-crafted non-denial denial by a Chinese government spokesman. The newspaper reported that its security consultant and other experts traced the attacks to “the same university computers used by the Chinese military to attack U.S. military contractors in the past,” and that the malware used was “a specific strain associated with computer attacks originating in China.”

It’s conceivable that Chinese officials swore up and down to the Times that none of this was true, but that’s not how they’re quoted:

“Asked about evidence that indicated the hacking originated in China, and possibly with the military, China’s Ministry of National Defense said, ‘Chinese laws prohibit any action including hacking that damages Internet security.’ It added that ‘to accuse the Chinese military of launching cyberattacks without solid proof is unprofessional and baseless.’ ”

Spun like a pro.

Now here’s the other thing. Assume just for the sake of argument that the Chinese military or other government forces were indeed behind the hacking. What’s the right response?

If this were a country that placed no value on the rule of law, the answer might seem simple: Hack back in a proportionate but persuasive way. But we do value the rule of law. And more than that, there’s a real chance such a retaliation would escalate the dispute into an even more serious cyber brawl.

Then what about imposing some kind of economic sanctions? Our massive trade imbalance with China puts us in a position to lay a much bigger hurt on them through tariffs and import restrictions than they could on us. Yet persuading the WTO to impose any such penalty would take years, by which time the potential to deter further attacks will have evaporated.

The lack of an effective response is what’s so vexing about cyber crime, and why so much of it seems to be practiced under government sponsorship. The state of the art in computer forensics appears to have advanced to the point where we really can identify the individual computers that originate the hacks. But we still can’t tell from these techniques who was operating those computers, or on whose orders the attacks were carried out. All the evidence is circumstantial, and governments around the world are quick to deny having any hand in any intrusions, malware deliveries or phishing attempts.

So the attacks go on, with the occasional high-profile arrest and prosecution that appear to have exactly zero deterrent effect.

“This is the Wild West,” Gen. William L. Shelton, commander of the Air Force Space Command, said in a recent interview. The Defense Department’s networks are probed millions of times daily, Shelton said, adding, “We have seen a lot of information gathered by adversaries this way. It is the new way to do intelligence.”

He estimated that 80% to 90% of the malicious activity online is for financial gain, but the skills that cyber criminals develop “are directly translatable” to political or military targets. The attack on the Times, like the series carried out by the “Izz ad-Din al-Qassam Cyber Fighters” on U.S. banks, is a good example of the shift that Shelton was talking about.

The Times responded by beefing up its cyber defenses and writing about the episode. That’s probably the best it can do. But do you think that will dissuade any politically motivated hackers from attacking again the next time the Western media airs something they don’t like?

ALSO:

Photos: Unbuilt L.A.

Kinsley: The debt debate

The feline killer that stalks the streets

Follow Jon Healey on Twitter @jcahealey