Following the public reports from The New York Times and The Wall Street Journal on Thursday that computers of personnel at both news organizations were breached by attacks originating from China, computer security expert Brian Krebs on Friday posted a report on his blog, “Krebs On Security,” claiming that the Washington Post was also the victim of a cyber attack in 2012. As Krebs, who used to cover cybersecurity for The Post, writes:
According to a former Washington Post information technology employee who helped respond to the break-in, attackers compromised at least three servers and a multitude of desktops, installing malicious software that allowed the perpetrators to maintain access to the machines and the network.
“They transmitted all domain information (usernames and passwords),” the former Post employee said on condition of anonymity. “ We spent the better half of 2012 chasing down compromised PCs and servers. [It] all pointed to being hacked by the Chinese. They had the ability to get around to different servers and hide their tracks. They seemed to have the ability to do anything they wanted on the network.”
The Post has declined to comment on the source’s claims, saying through a spokesman that “we have nothing to share at this time.” But according to my source, the paper brought in several computer forensics firms – led by Alexandria, Va. based Mandiant – to help diagnose the extent of the compromises and to extract the intruders from the network. Mandiant declined to comment for this story.
Read the full report here.
(H/T: Kim Zetter)