State Sponsored Hackers Compromised The Email
State-Sponsored Hackers Compromise Washington Post Journalists’ Email Accounts
TL;DR
A cyberattack, likely orchestrated by state-sponsored hackers, compromised the Microsoft email accounts of several Washington Post journalists. The attack targeted reporters covering China and national security, highlighting the ongoing threat of cyber espionage against high-profile media outlets.
Main Content
State-Sponsored Hackers Compromise Washington Post Journalists' Email Accounts
A sophisticated cyberattack, believed to be the work of state-sponsored hackers, has compromised the Microsoft email accounts of several journalists at The Washington Post. The targeted reporters include those covering China and national security, underscoring the heightened risk of cyber espionage against prominent media organizations.
"A cyberattack on The Washington Post compromised email accounts of several journalists and was potentially the work of a foreign government, company officials told some affected staffers in recent days, according to people familiar with the situation," reads the report published by The Wall Street Journal.
"Staffers were told the intrusions compromised journalists' Microsoft accounts and could have granted the intruder access to work emails they sent and received, some of the people said. The reporters targeted include those on the national-security and economic-policy teams, including some who write about China, the people said."
The cyberattack was discovered on June 13. On June 15, the media outlet informed its staff via a memo about the potential compromise of the Microsoft email accounts of a limited number of journalists. Executive Editor Matt Murray sent the memo to the employees.
As a precautionary measure, The Washington Post reset all employee passwords following the intrusion, which did not affect other systems or customers.
The Washington Post, headquartered in Washington, D.C., is one of the most influential and widely read newspapers in the United States. Known for its investigative journalism, in-depth political coverage, and reporting on national and international news, it was acquired by Jeff Bezos, the founder of Amazon, in 2013.
In February 2022, American media and publishing giant News Corp revealed it was a victim of a cyberattack from an advanced persistent threat actor that took place in January. The attackers compromised one of the company's systems and had access to emails and documents of some employees.
Initial investigations into the hack revealed that the attack was carried out by a nation-state actor for cyber espionage purposes. News Corp hired cybersecurity and incident response firm Mandiant to assist with the investigation. Mandiant researchers speculated the attack was conducted by a China-linked APT group.
"Mandiant assesses that those behind this activity have a China nexus, and we believe they are likely involved in espionage activities to collect intelligence to benefit China’s interests," David Wong, vice president of consulting at Mandiant, told Reuters.
News Corp-owned WSJ reported that the attack affected a major portion of the news conglomerate, including The Wall Street Journal and New York Post.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Washington Post)
For more details, visit the full article: source
References
Conclusion
The cyberattack on The Washington Post serves as a stark reminder of the persistent threat posed by state-sponsored hackers targeting high-profile media organizations. As cyber espionage continues to evolve, it is crucial for media outlets to bolster their cybersecurity measures to protect sensitive information and maintain journalistic integrity. The incident highlights the need for vigilance and robust security protocols in the face of increasingly sophisticated cyber threats.