Hackers from China have “persistently” infiltrated the New York Times for the last four months, the US paper says.
It said the attacks coincided with its report into claims that the family of Chinese Premier Wen Jiabao had amassed a multi-billion dollar fortune.
The hackers used methods which have been “associated with the Chinese military” to target the emails of the report’s writer, the paper said.
China’s Defence Ministry told the paper hacking was illegal under its laws.
According to the Times, the hackers first broke into their computer system in September, as the report on Mr Wen was nearing completion.
The report, which was dismissed as a “smear” by the Chinese government, said Mr Wen’s relatives had amassed assets worth at least $2.7bn (£1.7bn) through business dealings. It did not accuse the Chinese premier of wrongdoing.
China is sensitive about reports on its leaders, particularly when it comes to their wealth.
‘China-based subterfuge’
The New York Times said the hacking was focussed on the computers of David Barboza, the paper’s bureau chief in Shanghai who wrote the report, and one of his predecessors, Jim Yardley.
Internet security firm Mandiant, which was hired by the Times to trace the attack, followed the hackers’ movements for four months, to try to establish a pattern and block them.
The hackers had installed malware which enabled them to access any computer using the New York Times network, steal the password of every employee, and access 53 personal computers, mostly outside the Times offices.
The security firm found that in an attempt to hide the origin of the attack, it had been routed through computers in US universities which, the paper said, “matches the subterfuge used in many other attacks that Mandiant has tracked to China”.
The Times said experts had found that the attacks “started from the same university computers used by the Chinese military to attack United States military contractors in the past”.
They found the hackers began working for the most part at 08:00 Beijing time.
Mandiant’s chief security officer, Richard Bejtlich, said that “if you look at each attack in isolation, you can’t say, ‘This is the Chinese military’,” but that the similar patterns and targets of the attacks indicated a connection.
“When you see the same group steal data on Chinese dissidents and Tibetan activists, then attack an aerospace company, it starts to push you in the right direction,” he said.
The paper said no personal data of staff or customers was stolen and that no attempt was made to shut down its website.
“They could have wreaked havoc on our systems,” said chief information officer Marc Frons. But he said what they appeared to be looking for were “the names of people who might have provided information to Mr Barboza”.
There was also no evidence that sensitive emails or files on the Wen family had been accessed, or that the intruders had sought information unrelated to the Wen family, the paper said.
China’s Ministry of National Defence told the paper: “Chinese laws prohibit any action including hacking that damages internet security” and that “to accuse the Chinese military of launching cyber attacks without solid proof is unprofessional and baseless”.
