Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Network Security / Wall Street Journal Hacked Again
Wall Street Journal Hacked Again
Wall Street Journal Hacked Again
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
Hacked again. That’s the story at the Wall Street Journal this week as the newspaper reports computer systems housing some of its news graphics were breached.

The systems have been taken offline in an effort to isolate any attacks, according to people familiar with the matter cited in a Wall Street Journal article. The Journal has not found any damage or tampering, these people said, but the matter is not yet closed.

"We are investigating an incident related to's graphics systems,” a spokesperson for the Journal said. “At this point we see no evidence of any impact to Dow Jones customers or customer Relevant Products/Services."

China’s Not to Blame

This is not the first time the Wall Street Journal has been a target of hackers. Both The New York Times and the Wall Street Journal pointed fingers of accusation at China in the wake of hacking incidents in February 2013.

A damaging report from security firm Mandiant made security headlines by suggesting that APT1, a prolific cyber-espionage group that has conducted attacks on a number of victims since at least 2006, is likely sponsored by the Chinese government and is one of the most persistent of China's threat actors. Media groups like the Journal were apparently prime targets.

This time around no one is blaming China. IntelCrawler, a cyberthreat intelligence firm, discovered the breach and notified the Journal. IntelCrawler’s CEO, Andrew Komarov, found the vulnerability the hacker, known as Rev0lver and W0rm, tapped to breach the Journal’s systems.

"We confirmed there is the opportunity to get access to any database on the server, a list of over 20 databases hosted on this server," he told the Journal.

Where Did the Journal Go Wrong?

We caught up with Tim Erlin, director of IT risk and security strategy at Tripwire, to get his thoughts on the Wall Street Journal hack. He told us as the demands on Web-based applications increase, so do the systems that support the user experience through the browser.

“An increasingly complex ecosystem of supporting technology allows for far richer interaction, but the cost is often a much larger attack surface,” Erlin said. “This isn't a case where the Wall Street Journal simply failed to apply a patch. These kinds of vulnerabilities can be done directly on the code itself or through interaction with the application, but both approaches have their limitations."

What’s the Motive?

We also asked Ken Westin, a security researcher at Tripwire, to chime in on the incident. He told us the individual or group that is targeting these media sites appear to be taking advantage of vulnerabilities in Web-based applications and platforms.

“At least for now, these attackers also appear to be doing so for notoriety versus a profit or political motive,” Westin said. “The screenshots provided on the Twitter account shows the user on a Mac with Russian characters in the menu and their Pastebin posts are in Russian, so that provides a bit of information on the origin of the group."

Tell Us What You Think


Like Us on FacebookFollow Us on Twitter
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.