Hackers Targeted News Corp’s Tech Suppliers


Hackers with suspected links to China targeted News Corp's third-party technology suppliers, according to a company filing.

News Corp, which owns the New York Post and The Wall Street Journal parent Dow Jones, said it was the target of a hack that accessed emails and documents of journalists and other employees.

The company in a securities filing on Friday said it “relies on third-party providers for certain technology and 'cloud-based' systems and services that support a variety of business operations,” and that one of these systems “was the target of persistent cyber attack activity.”

The attack came as US officials over the past year have been increasingly warning of criminal and nation-state hackers breaking into the computer systems of organizations through sometimes opaque supply chains for software and other technologies.

A News Corp spokesman on Friday declined to comment on its vendors or which data was stolen, citing a continuing investigation. In its email to staff, News Corp said that computer systems housing consumer and financial data weren't affected.

"In addition, we have not experienced interruptions related to our business operations," Chief Technology Officer David Kline and Chief Information Security Officer Billy O'Brien wrote in the email. "Based on our investigation to date, we believe the threat activity is contained."

WSJ Pro Cyber ​​Security

Cybersecurity news, analysis and insights from WSJ's global team of reporters and editors.

Messrs. Kline and O'Brien said their inquiry is in its early stages.

The Wall Street Journal reported Friday that hackers had access to News Corp's systems since at least February 2020, gaining access to emails and Google Docs, including drafts of articles. Beijing that year expelled US journalists employed by news outlets including the Journal, the New York Times and the Washington Post.

Gaining access to emails and documents could give hackers snapshots of reporters' sources and plans for articles, said Runa Sandvik, a former senior director for information security at the New York Times.

“Let's say attackers get access to emails. Then, potentially, there could be communications about who is going to cover the Olympics in China,” said Ms. Sandvik, who now consults for media organizations. “How are they collaborating?”

News Corp said Friday it disclosed the hack to law-enforcement officials and is providing technical details of the attack on the Media and Entertainment Information Sharing and Analysis Center, a nonprofit that shares security information among the media industry.

Chris Taylor, director of the ME-ISAC, declined to comment on any data News Corp shared, as companies report such information under the promise of anonymity. In most incidents analyzed by the nonprofit, hackers blast out phishing emails to countless potential targets in the hope of landing a victim, Mr. Taylor said.

Attacks tailored for specific organizations "are scarier but they are way less frequent," he said. "Attackers will do more research."

client inc, a cybersecurity company that specializes in investigating hacks, is helping News Corp respond to the incident.

"Mandiant assesses that those behind this activity have a China nexus, and we believe they are likely involved in espionage activities to collect intelligence to benefit China's interests," said David Wong, Mandiant's vice president of consulting.

“China firmly opposes and combats cyber attacks and cyber theft in all forms,” a spokesman for the Chinese Embassy in Washington said in an email. "We hope that there can be a professional, responsible and evidence-based approach to identifying cyber-related incidents, rather than making allegations based on speculations."

The report of the breach comes days after Federal Bureau of Investigation Director Christopher Wray warned of Chinese-linked attempts to steal sensitive or valuable data. Speaking Tuesday at the Ronald Reagan Presidential Library, Mr. Wray highlighted last year's hack of thousands of US companies through certain versions of Microsoft Corps Exchange email client, which is used by many businesses.

“The Chinese government steals staggering volumes of information and causes deep, job-destroying damage across a range of industries—so much so that, as you heard, we're constantly opening new cases to counter their intelligence operations, about every 12 hours or so,” he said.

The Biden administration has ordered federal agencies to more aggressively vet their vendors and has urged companies to do the same as they shore up their internal defenses. Suppliers are appealing targets because they often have poorly understood connections to other businesses, cybersecurity experts say, raising the possibility that a single hack can wreak widespread havoc.

In December 2020, several federal agencies discovered that a suspected Russian espionage operation broke into their computer systems through a compromised software update from network-management firm SolarWinds corp Criminal hackers breached software provider Kaseya Ltd. last summer, exposing hundreds of its clients to potential ransomware attacks. SolarWinds and Kaseya said they worked with US officials and customers to respond to the respective breaches.

Write to David Uberti at david.uberti@wsj.com

Corrections & Amplifications
News Corp said in a securities filing that third-party technology systems used by the company were targeted in a cyber attack. An earlier version of this article incorrectly said hackers entered the company's computer systems through third-party technology providers.

Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8


continue reading

https://dailytechnonewsllc.com/hackers-targeted-news-corps-tech-suppliers/

Comments

Post a Comment

Popular posts from this blog

China’s new space station opens for business in an increasingly competitive era of space activity

The International Space Station is no longer the only place where humans can live in orbit. On Nov. 29, 2022, the Shenzhou 15 mission launched from China's Gobi Desert carrying three taikonauts – the Chinese word for astronauts. Six hours later, they reached their destination, China's recently completed space station, called Tiangong, which means "heavenly palace" in Mandarin. The three taikonauts replaced the existing crew that helped wrap up construction. With this successful mission, China has become just the third nation to operate a permanent space station. China's space station is an achievement that solidifies the country's position alongside the US and Russia as one of the world's top three space powers. As scholars of space law and space policy who led the Indiana University Ostrom Workshop's Space Governance Program, we have been following the development of the Chinese space station with interest. Unlike the collaborative, US-led Inte
Read more

North Uist spaceport scheme could 'review' role of Russia-linked firm

Image
Plans to build a rocket-launching spaceport in the Outer Hebrides could be dealt a blow over links to Russia, we can reveal. Western Isles Council has signaled it may need to order a “review” of its partnership with consultancy firm Commercial Space Technologies (CST) Ltd, depending on future government advice. The firm is registered in the UK but has long-standing connections with Russia. Scottish ministers urged businesses on Thursday to cut their ties to Russia amid international outrage at Vladimir Putin's decision to invade Ukraine. CST said it had sought advice from the UK Government's department of international trade. The company is involved in a consortium which is driving the Spaceport 1 project at North Uist. North Uist It is working alongside the local authority, also known as Comhairle nan Eilean Siar, development agency Highlands and Islands Enterprise (HIE), and defense firm QinetiQ. The original plans attracted a flood of objects, but h
Read more

How Iran is accessing the social media accounts of protesters to incriminate them, experts say

Image
CNN — In between being blindfolded, locked in solitary confinement, and interrogated in a wheelchair while she was on a hunger strike following her late September arrest, Negin says she had a realization: Iranian officials were using her private Telegram chats, phone logs and text messages to incriminate her. “They told me 'Do you think you can get out of here alive? We will execute you. Your sentence is death penalty. We have evidence, we are aware of everything,'” said Negin, whose name CNN changed at her request, for her safety. Negin, who says she has been accused by Iranian authorities of running an anti-regime activist group on Telegram (an allegation she denies), said she has “some friends” who were political prisoners. “They put in front of me transcribed printouts of my phone conversations with those friends,” she said, and “questioned me on what my relationship with tho
Read more