Symantec denies blame after Chinese govt hacks The New York Times

Summary:After one of the world's most famous newspapers points the finger at Symantec for failing to protect its network against a four-month long Chinese cyberattack, the security firm returns fire.

After The New York Times slyly pointed the finger at Symantec for failing to protect it from a four-month long series of attacks by Chinese hackers, the anti-malware and security firm has fired back with its own critical rhetoric.

nyt-banner
The New York Times newsroom. (Credit: The New York Times)

Read this

2012: Looking back at the major hacks, leaks and data breaches

ZDNet looks back at the year, on a month-by-month basis, at some of the most publicized hacks, leaks and data breaches of 2012.

Arguably one of the world's most well-regarded and well-known newspapers, The Times exclusively reported yesterday that its own networks have been "persistently attacked" by Chinese hackers, and that they infiltrated computer systems and acquired passwords for its reporters and other employees.

The newspaper, with help from security experts, "expelled the hackers" and "kept them from breaking back in."

The Times believes that the timing of the attacks coincided with an investigation it carried out in late October, which found that the Chinese Prime Minister had accumulated "several billion dollars through business dealings."

Clearly, the Chinese government--specifically the "Chinese military", according to AT&T, which informed the newspaper of the attacks--did not approve of such fine investigative journalism.

But in the report, The Timesalso took the opportunity to prod Symantec with a sharp journalism stick, after the newspaper found that most of the malware floating around on its network wasn't even detected by the security firm's software that it uses on its network.

The prodding commences:

Over the course of three months, attackers installed 45 pieces of custom malware. The Times--which uses antivirus products made by Symantec--found only one instance in which Symantec identified an attacker's software as malicious and quarantined it, according to Mandiant.

When the newspaper spoke to Symantec, the security company declined to offer comment on customers "as a matter of policy."

But then came Symantec's formal response.

Symantec said this morning in a press release that while such a series of attacks "underscore how important it is for companies, countries, and consumers to make sure they are using the full capability of security solutions," the firm noted that security solutions alone will not combat such attacks, and that common sense must prevail and other preventative actions must be employed.

The security firm added:

Turning on only the signature-based anti-virus components of endpoint solutions alone are not enough in a world that is changing daily from attacks and threats. We encourage customers to be very aggressive in deploying solutions that offer a combined approach to security.

Anti-virus software alone is not enough.

Ouch.

Chinese Foreign Ministry spokesperson Hong Lei told reporters in Beijing, via Bloomberg BusinessWeek, that The Times' allegations are "groundless."

Topics: Security, Malware

About

Zack Whittaker writes for ZDNet, CNET, and CBS News. He is based in New York City.

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.