5 Things to Know About the News Corp Hack: Chinese Espionage, Sensitive Data, and Ongoing Security Struggles
- What Happened? News Corp, the global media company that owns The Wall Street Journal, New York Post, and other publications, was targeted in a hack that lasted from February 2020 to January 2022.
The hackers gained access to the company’s email and document systems, including drafts of articles, and stole confidential information and personal data of employees. Cybersecurity firm Mandiant believes that the attack was carried out by a Chinese state-backed hacking group. - Why It Matters? The News Corp hack is a serious concern for media companies as they handle sensitive information and have access to anonymous sources and whistleblowers. The prolonged duration of the hack shows that attackers can go undetected for extended periods, compromising data and potentially threatening the credibility of media outlets. The fact that the hackers were looking for information related to China’s strategic interests raises concerns about the role of state-sponsored attacks in espionage activities and foreign policy.
- What’s Next? News Corp has notified its employees of the breach and is working with law enforcement and cybersecurity experts to investigate the incident. The company has reassured its employees that financial and customer data, including subscriber information, were not affected. News Corp has also emphasized its commitment to protecting journalists and sources and continuing to provide trusted journalism and analysis.
- The Role of Credential Compromise: The prolonged duration of the News Corp hack suggests that the attackers may have gained access through stolen login credentials. This highlights the importance of implementing privileged access management schemes and regularly scanning for credential re-use in known data breaches.
- The Need for Data-Centric Protection The best approach to protect against cyberattacks is to adopt a data-centric protection strategy that focuses on protecting the data itself rather than the borders around it. This can include methods such as tokenization, which replaces sensitive information with meaningless tokens, making it unintelligible and worthless to attackers even if they gain access to the data.