7

It's not only the New York Times that gets hacked

A woman reads the front page of the New York Times on the Internet.

So it turns out it wasn't just the New York Times. The Wall Street Journal reported today that its own computers had been infiltrated by Chinese hackers as well.

And it's not just media companies that are getting the unwanted online attention. Corporations from Google to Lockheed Martin to Coca-Cola have had their computer systems hacked for both political reasons and economic ones.

In Google's case, Chinese hackers were looking for the names -- and the email addresses -- of political activitists in that country, says Wired senior writer Kim Zetter.

But what do you want from Coke? "There, it's economic espionage. You want to know what your competitors are doing," says Zetter. "You may not want to focus on the recipe for Coke, although that is a good one, but you might also want to know factory secrets -- you know, how does Coke operate successfully?"

It is the cost of doing business on the Internet. And since companies -- and even individuals -- can't really avoid that, Zetter says, "Everyone has to figure how to mitgate the risks and live in a sustainable way with the risks."

Basically, you're going to get hacked -- better plan for it.

About the author

Kai Ryssdal is the host and senior editor of Marketplace, public radio’s program on business and the economy.
Log in to post7 Comments

Kai, it pained me to hear you ask a question along the lines of "How could they get hacked, aren't they running an anti virus?" Hacking may or may not use a virus. If the hacking doesn't use a virus, why would it be reasonable to think that an anti-virus could block the hack?

"Basically, you're going to get hacked -- better plan for it. " really should be, "You chose to be vulnerable to hacking - and you reaffirmed your vote the last time you bought a computer system. The market sells you what you want to buy, and you have repeatedly chosen performance over security. The market knows how to build secure systems, and will sell you those if you vote with your wallet. If you choose instead to be vulnerable, so be it. "

I agree with Demulliga. I worked on a system for a long time in the 70’s which came from Multics and Schroeder’s paper on ACL’s. You can never prove that a system is secure if you build the security in software on top of a system that was intended to let anyone write drivers, which is overwhelmingly what we have. But you sure can if you build on top of hardware that is provably secure. Unfortunately, you will also spend 10% or so of your transistors on security, which was seen then as a no-no, although it look laughable in 2013. The real question is, what disaster will it take to move to a new architecture? I hope it will not be losing a war.

@dmulliga you sound like an as/400 guy. you are also wrong. if a system is connected to a network...not the internet, just another computer...the risk of compromise is very real. it is not the OS that provides security, it's old fashioned policy and continuous monitoring.

if you run a web browser, if you read email, if your system responds to a ping...it's vulnerable, and it's vulnerable because its users are subject to manipulation by the bad guys. it's a question of when not if.

back to as/400...my former employer cooked the books for ten years because no one understood how iseries worked or how to efficiently monitor millions of transactions per month. they would just roll the losses over on the 29th and everything looked normal to anyone who wasn't a subject matter expert, including big blue when we outsourced IT. i would argue it was one of the most successful hacks i've seen, since it happened in plain sight and no one could provide evidence. a more rigid audit would have caught the activity but who in the world is gonna pay a mainframe guy to just read log files and not actually touch a system?

I'm going to venture a guess that there's a whole LOT more hacking going on than we're aware of. Not only are most computers, computer parts and smartphones made in China (which has, for better or worse, become the hotbed of hacking insurgents) but much of the telecommunications and internet framework of the world now comes from China.

It would be a short technological leap for a country which makes component parts to tweak a microchip here or install a snooping device there with few of us being even the slightest bit the wiser.

What often goes unrecognized and un-discussed, whenever the press covers computer break-ins, is that one of the roots of the problem is that there are major flaws in the architectures of the most popular operating systems. It's not just buggy code, or bad implementation; it is the fact that security was not even thought about when these systems were designed. It then becomes very difficult to retrofit the design to make it more secure.

There are a few secure operating systems out there; systems that were designed from the beginning with security in mind. But as is often the case, marketing has determined the winners in the market place rather than quality of the technology.

"Basically, you're going to get hacked -- better plan for it."

No Kai ... some of us will never be hacked; because viruses and worms (or any unknown task) can not even run on our systems; and everything that is not specifically allowed is forbidden. Our systems are not friendly; they're purposely restrictive. But it's really all a matter of your access and security philosophy, and how much you care to spend in money and effort.

With Generous Support From...