China Suspected of Cyberattack on News Corp

News Corp was the target of a hack that gained access to emails and documents of some employees, including journalists, an incursion that the company's cybersecurity consultant said was likely designed to gather intelligence for China's benefit.

Source: WSJ | Published on February 4, 2022

BEC attacks

According to an email sent to staff on Friday, the attack, discovered on Jan. 20, affected a number of publications and business units, including The Wall Street Journal and its parent Dow Jones; the New York Post; the company's U.K. news operation; and News Corp headquarters.

News Corp stated that it notified law enforcement and hired cybersecurity firm Mandiant Inc. to assist with the investigation.

"Mandiant believes those behind this activity have a China connection and are likely engaged in espionage activities to collect intelligence to benefit China's interests," said David Wong, vice president of incident response at Mandiant.

In a securities filing on Friday, News Corp disclosed the hack, stating that preliminary analysis indicates that data was stolen.

The Chinese Embassy in Washington did not immediately respond to requests for comment.

In a memo to employees, News Corp stated that it believes the threat activity has been contained. Employees who have been affected have received guidance from the company.

"We are dedicated to safeguarding our journalists and sources." We will not be deterred from our goal of providing unrivaled journalism and analysis. "We will continue to publish the important stories of our time," Almar Latour, CEO of Dow Jones and publisher of The Wall Street Journal, said.

According to the securities filing and a person familiar with the matter, the company's investigation indicates that systems housing financial and customer data, including subscriber information, were not impacted.

According to law enforcement and cybersecurity experts, journalists are frequently high-priority targets for hackers seeking intelligence on behalf of foreign governments because they speak to sources who may have valuable or sensitive information. Journalists and human-rights activists have been subjected to extensive surveillance.

For years, US authorities have accused Chinese-based hackers of targeting a variety of American businesses and government institutions. According to FBI Director Christopher Wray, Beijing has a "massive, sophisticated hacking program that is larger than those of every other major nation combined." According to Mr. Wray, the FBI has more than 2,000 active investigations into allegations of Chinese government-directed theft of U.S. information or technology.

China has denied allegations of cyberattacks on numerous occasions.

Chinese hackers attempting to monitor news coverage of China hacked into the Journal's network in 2013, apparently aiming to spy on reporters covering China and other issues, according to the Journal. A similar attack had occurred at the New York Times. At the time, a spokesman for the Chinese embassy condemned allegations of Chinese cyberspying and stated that Beijing prohibits cyberattacks.

China revoked the press credentials of three Journal reporters based in Beijing in February 2020. The move, according to China's Foreign Ministry, was retaliation for an opinion piece published by the Journal. The three journalists work for the Journal's news division, which is completely separate from the editorial staff.

The following month, the Trump administration announced a personnel cap on four state-run Chinese media outlets in the United States. Later that March, China expelled American journalists from a variety of news organizations, including the Journal.

In November 2021, each country agreed to relax visa requirements for the other's journalists. The Journal was one of a few U.S. news organizations that were set to receive new press credentials for some of their employees.