Feeds

Google researcher says government hack attacks on journos on the rise

Everyone's a target, it seems

Internet Security Threat Report 2014

Most major news organisations are now the targets of state-sponsored attacks on their security, according to Google security researcher Shane Huntley.

According to Reuters, Huntley told the Singapore Black Hat conference on March 28 that his research, conducted in partnership with Citizen Labs' Morgan Marquis-Boire, revealed attacks on 21 out of the world's top 25 news organisations.

Huntley didn't reveal how many of those attacks Google believed had been successful, but news organisations known to have been infiltrated in some way include Forbes, the Financial Times, and the New York Times. The first two of these were claimed by the Syrian Electronic Army, while the New York Times attack is attributed to China.

The attacks that reach the public are, however, the tip of the iceberg of cliché, with Marquis-Boire noting that there's been a year-long campaign against journalists and bloggers following human rights issues in Vietnam.

According to Reuters, Huntley believes a recent successful attack against an unnamed Western news organisation involved a fake questionnaire e-mailed to its staff. This fits the general pattern of phishing, either via e-mail or malicious links in social media posts, being the attack of first resort for most high-profile hacks of recent times.

The abstract of Huntley's and Marquis-Boire's talk says news organisations are targeted using “0day-bearing documents, targeted spear-phishing and watering hole attacks [and] implants both custom nation-state designed and commercial”.

Huntley told Reuters: “If you're a journalist or a journalistic organisation we will see state-sponsored targeting and we see it happening regardless of region”. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
BlackEnergy crimeware coursing through US control systems
US CERT says three flavours of control kit are under attack
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.
Getting ahead of the compliance curve
Learn about new services that make it easy to discover and manage certificates across the enterprise and how to get ahead of the compliance curve.