HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED 8 MINUTES AGO.
You are here: Home / World Wide Web / Wall Street Journal Hacked Again
Wall Street Journal Hacked Again
Wall Street Journal Hacked Again
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
JULY
23
2014



Hacked again. That’s the story at the Wall Street Journal this week as the newspaper reports computer systems housing some of its news graphics were breached.

The systems have been taken offline in an effort to isolate any attacks, according to people familiar with the matter cited in a Wall Street Journal article. The Journal has not found any damage or tampering, these people said, but the matter is not yet closed.

"We are investigating an incident related to wsj.com's graphics systems,” a spokesperson for the Journal said. “At this point we see no evidence of any impact to Dow Jones customers or customer data."

China’s Not to Blame

This is not the first time the Wall Street Journal has been a target of hackers. Both The New York Times and the Wall Street Journal pointed fingers of accusation at China in the wake of hacking incidents in February 2013.

A damaging report from security firm Mandiant made security headlines by suggesting that APT1, a prolific cyber-espionage group that has conducted attacks on a number of victims since at least 2006, is likely sponsored by the Chinese government and is one of the most persistent of China's threat actors. Media groups like the Journal were apparently prime targets.

This time around no one is blaming China. IntelCrawler, a cyberthreat intelligence firm, discovered the breach and notified the Journal. IntelCrawler’s CEO, Andrew Komarov, found the vulnerability the hacker, known as Rev0lver and W0rm, tapped to breach the Journal’s systems.

"We confirmed there is the opportunity to get access to any database on the wsj.com server, a list of over 20 databases hosted on this server," he told the Journal.

Where Did the Journal Go Wrong?

We caught up with Tim Erlin, director of IT risk and security strategy at Tripwire, to get his thoughts on the Wall Street Journal hack. He told us as the demands on Web-based applications increase, so do the systems that support the user experience through the browser.

“An increasingly complex ecosystem of supporting technology allows for far richer interaction, but the cost is often a much larger attack surface,” Erlin said. “This isn't a case where the Wall Street Journal simply failed to apply a patch. These kinds of vulnerabilities can be done directly on the code itself or through interaction with the application, but both approaches have their limitations."

What’s the Motive?

We also asked Ken Westin, a security researcher at Tripwire, to chime in on the incident. He told us the individual or group that is targeting these media sites appear to be taking advantage of vulnerabilities in Web-based applications and platforms.

“At least for now, these attackers also appear to be doing so for notoriety versus a profit or political motive,” Westin said. “The screenshots provided on the Twitter account shows the user on a Mac with Russian characters in the menu and their Pastebin posts are in Russian, so that provides a bit of information on the origin of the group."

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
Barium Ferrite Is The Future Of Tape: Barium Ferrite (BaFe) offers greater capacity, superior performance, and longer archival life compared to legacy metal particle (MP) tape. Click here to learn more.
MORE IN WORLD WIDE WEB
Product Information and Resources for Technology You Can Use To Boost Your Business

NETWORK SECURITY SPOTLIGHT
Using Internet-connected devices without strong passwords is inherently risky, as illustrated by reports that a Russian Web site is showing live footage from thousands of people's webcams.

ENTERPRISE HARDWARE SPOTLIGHT
Doctor Who had K-9, the robot dog that accompanied him on adventures through space. Now, Mountain View has K5, a 5-foot-tall, 300-pound robot security guard patrolling in the Bay Area.

MOBILE TECHNOLOGY SPOTLIGHT
To better its customer service, Comcast is pulling out at least some of the stops. The cable giant has launched an app so you can track the cable guy in real time. It's designed to ease customer frustration.

© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.