媒体巨头新闻集团说它有fallen victim to a cyberattack。首次分析表明,这次攻击是国家赞助的攻击,针对新闻集团员工(包括记者)的电子邮件和文件。News Corp说,数据被盗,但没有包含财务数据或订户信息。

根据新闻集团提供的一份声明,该黑客还影响了控制《伦敦时报》和《太阳报》的部门。

调查

新闻集团报告了攻击一个文件已发送给美国证券交易委员会(SEC)。

“In January 2022, the Company discovered that one of these systems was the target of persistent cyberattack activity. Together with an outside cybersecurity firm, the Company is conducting an investigation into the circumstances of the activity to determine its nature, scope, duration and impacts. The Company’s preliminary analysis indicates that foreign government involvement may be associated with this activity, and that data was taken. To the Company’s knowledge, its systems housing customer and financial data were not affected. The Company is remediating the issue, and to date has not experienced any related interruptions to its business operations or systems. Based on its investigation to date, the Company believes the activity is contained. At this time, the Company is unable to estimate the expenses it will incur in connection with its investigation and remediation efforts.”

Targets

In an email to its employees, News Corp stated that the attack was discovered on January 20 and affected a number of publications and business units including The Wall Street Journal and its parent Dow Jones, the New York Post, the company’s UK news operation, and News Corp headquarters.

“We appear to have been the target of persistent nation-state attack activity that affected a limited number of our employees.”

新闻集团首席技术官戴维·克莱恩(David Kline)和首席信息安全官比利·奥布赖恩(Billy O’Brien)在给员工的电子邮件中说:

“我们不会容忍对新闻业的攻击,也不会阻止我们的报告,这为读者提供了重要的消息。”

归因

The firm that was brought in to investigate the incident believes the attackers are likely involved in espionage activities to collect intelligence to benefit China’s interests. News Corp said it would provide details of the breach to other news organizations so they could take appropriate measures.

正如许多其他安全当局指出的那样,中国一直在加大对美国和欧洲组织的网络攻击。例如,美国当局指责中国在2021年Microsoft Exchange Email Service中遭受了巨大的违规行为。在违规情况下,与中国国家安全部相关的黑客访问了数千个与企业,政府办公室和全球学校相关的电子邮件帐户。