NYT Hacking Reveals Serious Problems

NYT Hacking Reveals Serious Problems

By Nick Crowe

Over the past year, U.S. media outlets have been the victims of a series of hacking's  The most recent attacks occurred last week when The New York Times and The Wall Street Journal had their systems compromised by Chinese hackers. The Times reported that the attacks are a part of a long-running pattern by a “foreign entity” to breach security at major U.S. companies.

The attack on the Times was particularly interesting. The newspaper reported that their antivirus software made by Symantec failed to identify 45 of the 46 strains of malware placed on their computers. Shortly after the attack, Symantec made a statement saying, "Turning on only the signature-based antivirus components of endpoint solutions alone are not enough in a world that is changing daily from attacks and threats."

The problem that many companies now face is the growing sophistication and complexity of these new strains of malware. Many believe that their current antivirus systems will protect them from all attacks, but as these recent attacks show, they won’t.

There is yet another interesting element to these recent attacks. They are becoming much more personal than past attacks. Harry Sverdlove, CTO of Bit9, noticed the difference between these attacks and others in the past saying, "This is atypical for Chinese espionage attacks. The more personal an attack gets, the more targeted it becomes and the less effective traditional security will be in that situation."

Amidst these recent developments, the U.S. has begun the process of beefing up their cyber security. An attack on databases in the Pentagon, for example, is something the country cannot afford. The Pentagon’s ultimate plan of expanding their group of cyberwarriors has not yet reached Congress. The plan, however, is very simple. Over the next several years, the military chiefs want to dramatically increase the size of the DOD’s cyber command by more than 500 percent, from 900 to 4,900 troops and civilians. Traditionally, Cyber Command has been a defensive organization. However, if Congress approves their plan, that will no longer be the case. In addition to increased security and defense, Combat Mission Forces will help execute offensive operations as well. This is a significant change is cyber security, but it is what is now necessary as hackers and their malware become increasingly dangerous.