In the report, Jill Abramson, the executive editor of The Times, said the security experts found that no sensitive emails or files from its reporting on the Wen family were accessed or copied. The Times hired computer security experts at Mandiant to investigate the hacker attacks.
This isn't the first time Chinese hackers have targeted a major news organization —The Times report notes that Bloomberg was the subject of an attack last year — but the persistent hacking campaign against The Times illustrates that China is concerned about stories that may tarnish its public image, security experts told the paper.
In total, the hackers gained access to the personal computers of 53 employees, most of them outside the newsroom, after they stole the corporate passwords for every Times employee, the paper said. The style of the attacks mirrored techniques used by the Chinese military, according to The Times, and they originated from breached computers at U.S. universities.
U.S. officials have pointed fingers at China for launching hacker attacks against American companies and government networks. The U.S.-China Economic and Security Review Commission said in a report this fall that China's advanced cyber capabilities are the biggest threat facing the U.S. in cyberspace.
When asked about the attacks against the paper, China's Ministry of National Defense told the paper that the claims were "unprofessional and baseless."
The report notes that the hackers were very active on Nov. 6, the day of the presidential election, but they were only focused on peering into Barboza's email correspondence rather than disrupting the paper's website and operations.
The Times report also raises questions about the effectiveness of Symantec's anti-virus software, which the paper uses to protect its computers systems. While the hackers installed 45 pieces of custom malware in paper's systems over the span of three months, The Times reported that there was only one instance in which Symantec software identified a hacker's software and quarantined it.
To expel the hackers from their systems, the Times said the paper removed back doors to its computer network, added additional security around its systems and changed every employee password. Still, Mandiant and Times executives said in the report that they anticipate future attacks from hackers.