Flash
Official Dog Handler
Joined: 04 May 2005
Posts: 9848
Location: Arizona USA
|
 Posted: Fri 08 Feb 2013, 23:37 Post subject:
 The Ultimate Invasion of Privacy |
|
How a Chinese hacker used my private nickname, personal emails, and sensitive documents to try to blackmail me
| Quote: | ...I was the chairman of a company that was building shopping centers in China. The company was a partnership of three entities: a major U.S. bank, a Chinese state-owned enterprise, and my firm. We were building centers in third- and fourth-tier cities. The anchor tenant was a multinational hypermarket. Nearly all the employees were Chinese. It was an exhilarating adventure for me, but it was of little consequence politically. The enterprise was building Chinese shopping centers in Chinese cities for Chinese consumers.
Even so, all of our Internet activity was monitored. There was a small modem-like device attached to the primary server in our computer room. It was not terribly clandestine. We were told that the “government” would be restricting access to international news sites and various Chinese sites.
Our Chinese employees were used to this sort of thing. But for my American colleagues and me, the monitoring was a novelty. Although most international sites were accessible, certain stories on news websites were blacked out. When the power or the Internet would go down, we would promptly get a phone call from China Telecom, our service provider. They were on a friendly, first-name basis with our Shanghainese-speaking IT guy. “What’s up?” they’d ask. “Why are you offline?” They feared we would just disconnect the monitoring device, and they wanted to let us know they were paying attention. But I didn’t have anything to hide, so I didn’t give it much more thought.
I looked at the documents that were attached to the blackmail request. There were operating budgets and business plans. There were confidential memos to the senior management of my financial partner, written at their request, reviewing the progress of their projects. There were memos critical of staff. There were emails between my own team and me exchanging casual commentary on people and places, frustrations and triumphs. Perfectly appropriate for private consumption but not for public consumption. Then there were emails from my personal account. Some concerned the troubled life of my recently deceased mother.
It’s one thing to tell yourself you have nothing to hide; it’s another to surrender all privacy to a hostile intruder. And if Eric had these documents, what else did he have? What else did he know? What else was there to know? Who was doing this? Why? What did other people already know? Was there anything about me they didn’t know, or couldn’t misconstrue to their advantage? The intrusion was like a digital cancer that could expand ad infinitum, nourishing itself on every link and attachment and contact address, jeopardizing the privacy of others as well as my own.
The Times story of Jan. 30 reported that the newspaper had been hacked from Mainland China in an apparent attempt to stymie a Times investigation into the finances of Premier Wen Jiabao. The article quoted the newspaper’s executive editor, Jill Abramson, who sought to reassure readers and sources. “Computer security experts found no evidence that sensitive e-mails or files from the reporting of our articles about the Wen family were accessed, downloaded or copied,” she said. A few paragraphs later, however, the story went on to note: “Security experts found evidence that the hackers stole the corporate passwords for every Times employee and used those to gain access to the personal computers of 53 employees, most of them outside the Times’ newsroom. Experts found no evidence that the intruders used the passwords to seek information that was not related to the reporting on the Wen family.”
That’s hardly consoling. You have to wonder how confident any future confidential Chinese source will feel about approaching a Times reporter. Every employee of the paper had his or her corporate password stolen, and 53 employees had their personal computers penetrated. Once that happens, the hackers have the ability to observe and record everything. And to keep it forever.
The Times article described how the hackers would normally begin their probing at 8 a.m. and knock off after eight hours. On the clock. Mundane. Banal. In my case, experts I consulted told me that the hacking probably came from government monitors who wanted extra cash. During office hours they did their monitoring, and after hours they sought to supplement their income with a little freelancing. I wonder how many Times staffers will be contacted by their own “Eric.” I wonder how many of those individuals are having to revisit, as I did, their belief that they have nothing to hide.... |
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
Forum index » Off-Topic Area » Security
