According to the Wall Street Journal, hackers with suspected ties to China targeted News Corp’s third-party technology vendors, according to its filing.
News Corp, which owns the New York Post and Dow Jones, the parent company of The Wall Street Journal, said it was the victim of a cyberattack that gained access to journalists’ and other employees’ emails and data.
In a filing with the Securities and Exchange Commission on Friday, Feb. 4, the company stated that it “relies on third-party providers for certain technology and ‘cloud-based’ systems and services that support a variety of business operations,” and that one of these systems “was the target of persistent cyberattack activity.”
News Corp claimed that computer systems containing consumer and financial data were unaffected in an email to employees.
The email reads: “In addition, we have not experienced related interruptions to our business operations.
“Based on our investigation to date, we believe the threat activity is contained.”
Hackers gained access to News Corp’s computers from at least February 2020, thus gaining access to emails and Google Docs, including drafts of articles. That year, Beijing banned American journalists working for publications such as The Wall Street Journal, the New York Times, and The Washington Post.
According to Runa Sandvik, a former senior director for information security at the New York Times, gaining access to emails and documents might provide hackers with images of reporters’ sources and article plans.
Sandvik said: “Let’s say attackers get access to emails. Then, potentially, there could be communications about who is going to cover the Olympics in China.
“How are they collaborating?”
Ms. Sandvik is now a consultant for media organizations.
Mandiant Inc., a cybersecurity firm specializing in hacking investigations, is assisting News Corp. with the issue.
David Wong, Mandiant’s vice president of consulting, said:
“Mandiant assesses that those behind this activity have a China nexus, and we believe they are likely involved in espionage activities to collect intelligence to benefit China’s interests.”
The Chinese Embassy in Washington refutes the cyberattack claims in an email.
The news of the hack comes just days after FBI Director Christopher Wray issued a warning about Chinese-linked attempts to steal sensitive or valuable data.
In a speech at the Ronald Reagan Presidential Library on Tuesday, Feb. 1, Wray mentioned the theft from thousands of U.S. firms last year through specific versions of Microsoft Corp.’s Exchange email client, which many businesses use.
He said, “The Chinese government steals staggering volumes of information and causes deep, job-destroying damage across a range of industries—so much so that, as you heard, we’re constantly opening new cases to counter their intelligence operations, about every 12 hours or so.”
The Biden administration has directed government agencies to conduct more thorough due diligence on their vendors and has pushed businesses to do the same as they strengthen their internal defenses. However, according to cybersecurity experts, suppliers are enticing targets because they frequently have poorly understood connections to other organizations, increasing the risk that a single attack might cause widespread chaos.