Suggestions that Associated Press offices were compromised by hackers in Operation Shady Rat have prompted fears that potentially vulnerable sources may be deterred from coming forward in future. From the South China Morning Post:
The Washington Post reported that the news agency in Hong Kong, which was compromised for 21 months with its office in New York also infiltrated for eight months, was The Associated Press. That agency is one of three news bureaus in town with a headquarters in New York, fitting the description in the McAfee report. The others are Bloomberg and The Wall Street Journal.
The AP offices in Hong Kong and Beijing could not be reached for comment. The Journal refused to comment.
Mak Yin-ting, chairwoman of the Hong Kong Journalists Association, said there were fears that anonymous sources, often whistle-blowers of malpractice and corruption, would hold back from speaking to the media if they knew their identities might be exposed by hackers.
“As a media organisation we contact many different people and we have rich sources of information. So we are more vulnerable [to hacking],” Mak said.
This would not be the first time that electronic communications used in newsgathering had been shown to be insecure, however. A Caixin reporter’s email account was compromised last month, as were hundreds of Gmail accounts, including some journalists’, the month before, while Yahoo!’s email service saw a high-profile spate of breaches last year.
See also China Chief Suspect in Major Cyber Attack and Shady Rat Hacking Is Not About China, via CDT.
