A report from a pair of Google security engineers claims that 21 of the 25 largest news outlets in the world have been attacked by hackers that were likely either working for governments or carrying out the attacks in support of them, according to Reuters.
Shane Huntley, who released the report at a Black Hat conference in Singapore this week with co-author Morgan Marquis-Boire, says that journalists were “massively over-represented” in the overall pool of people who were victims of such attacks. For example, Huntley mentioned that Chinese hackers penetrated one “major” Western news outlet using a carefully-written questionnaire that was emailed to that organization’s staff members.
“If you’re a journalist or a journalistic organization we will see state-sponsored targeting and we see it happening regardless of region, we see it from all over the world both from where the targets are and where the targets are from,” Huntley said.
Part of the problem is the lack of attention paid to security by news organizations. “A lot of news organizations are just waking up to this,” said Marquis-Boire. However, individual journalists are taking steps to protect themselves and their sources, even as their organizations lag behind.
“We’re seeing a definite upswing of individual journalists who recognize this is important,” Marquis-Boire said.
Considering the volume of people that have used passwords as simplistic as “123456,” we’re not terribly surprised that a lack of focus on the issue of security has been at the forefront of the problem.