Washington Post: Cyber attack on journalists' emails
Journalists' email accounts from the national security and business departments were targeted in a cyberattack on the Washington Post. Is China behind it?
(Image: smolaw/Shutterstock.com)
A cyberattack on the US daily newspaper Washington Post has compromised the email accounts of several journalists. The attack was possibly the work of a foreign government. According to the Wall Street Journal, which first reported on the incident on the weekend, representatives of the publishing house told some employees affected.
The attacker or attackers may have gained access to work emails sent and received by the journalists. Employees who report on national security and economic policy, including some who write about China, are said to be impacted, according to the Wall Street Journal, citing people in the newsroom. According to an internal memo from Post editor-in-chief Matt Murray, which was seen by the Wall Street Journal, only a limited number of email accounts are believed to have been affected. The problem was discovered on Thursday evening, after which an investigation was launched. Employees impacted by the cyberattack have been notified in recent days and instructed to remain silent about the matter, the Wall Street Journal added.
Journalists, a popular target
As journalists often speak to sensitive sources, they are a preferred target for cyberattacks or for the use of surveillance software on behalf of governments. For example, the Pegasus surveillance Trojan from the Israeli company NSO Group has been used against journalists in numerous countries. In early 2022, the US media group News Corporation, which publishes the Wall Street Journal among others, was the target of a cyberattack from abroad. At the time, the attackers were able to search through journalists' emails and documents, including drafts of articles. They were interested in topics such as Taiwan and the Uyghurs, which is why security experts suspected that China was behind the attack.
Videos by heise
As the Wall Street Journal now writes about people familiar with the matter, the data leak at the Washington Post could be less extensive than at News Corp. as presumably only emails were affected. The Post's reporters stated that they rarely handle sensitive information in emails. To communicate with sources, they would rather use encrypted messenger services such as Signal; internal coordination is mainly done via instant messaging services such as Slack.
“We do not believe that this unauthorized intrusion impacted additional systems at Swiss Post or impacted our customers,” Murray wrote in the memo sent internally to employees. The newspaper has also taken additional steps to secure its digital systems, he explained. This includes resetting the login data for all Swiss Post employees.
(akn)
