New Corp disclosed in securities filings on Friday that they discovered an attack on one of their systems that resulted in a data breach that occurred in January of 2022. While it’s not confirmed that weak password security was the cause of this data breach it is very likely that someone had a weak password. The filing does however cite that “preliminary analysis indicates that foreign government involvement may be associated with this activity”. News Corp also mentioned that the cyberattack was persistent in nature and they are still investigating the nature, scope, duration, and impacts to their data but they believe the issue is contained.
In an email sent to his staff, David Kline, News Corp’s CTO wrote that that data breach affected “a limited number” of email accounts and documents. The same email also cited that “some data was taken” and that “those behind this activity have a China nexus and believe they are likely involved in espionage activities to collect intelligence to benefit China’s interests.” This email was reported and viewed by the New York Times.
The biggest area of concern of this data breach is that journalists were the prime target and considering journalists enlist confidential sources throughout the world it may cause risk to those sources and whatever story they were working on.
News Corp like many others is working with Mandiant, a cybersecurity consulting firm whose mission is to secure the world’s organizations from cyber threats. Mandiant gained notoriety in 2013 when it released a report that directly implicated China in cyber espionage.
According to FBI Director, Christopher Wray, the Chinese government is stealing a tremendous amount of information from American businesses which has resulted in over 2,000 active investigations and new cases are created about every 12 hours.
The FBI Director continues to explain the Chinese government strategy as “so insidious is the way it exploits multiple avenues at once, often in seemingly innocuous ways.” The Chinese government has what’s called a “Made in China 2025” that lists out technology that are keys to their manufacturing success. The implication of this is that if the Chinese can’t make it, they will steal it from other Countries.