US journalists targeted by foreign hackers who show sophisticated understanding of American politics

As Chinese hackers scrambled to ascertain whether there would be a peaceful transfer of power in the US, they tried to break into the email accounts of high-profile US journalists, who can be softer targets for hackers than officials on US government networks.

The newly revealed hacking campaign shows just how valuable a target journalists can be to intelligence services in search of clues about US policy. To try to lure them, the attackers wrote email subject lines about then-President Donald Trump’s attempts to overturn the 2020 election, pandemic relief legislation and other enticing issues.

It’s unclear how successful the hacking campaign was — Proofpoint said it blocked the malicious emails that it found. But more journalists need to be aware of the issue because the number of capable hacking groups targeting journalists is “unprecedented,” said Ryan Kalember, Proofpoint’s executive vice president for cyber strategy. “And it’s only likely to increase.”

Proofpoint attributed the Chinese hacking efforts to a group that the UK government has linked with China’s civilian intelligence agency, the Ministry of State Security.

CNN has requested comment from the Chinese Embassy in Washington, DC. Beijing routinely denies hacking allegations and has repeatedly accused the US of engaging in cyber attacks against China.

Journalists are perennial targets for cyber espionage because they regularly interact with US government officials, whistleblowers and critics of authoritarian regimes — information that foreign intelligence services look to exploit. And breaching the computer network of a major newsroom could offer the hackers a foothold for a long-running intelligence collection effort.

Cybersecurity vigilance is all the more necessary for journalists, experts say, as the US prepares for midterm elections this fall and foreign actors may try to use media outlets to sow discord or spread disinformation about voting — as Russian operatives did in the 2016 presidential election.

Newsrooms should “take the time to review [hacking] incidents affecting others in your industry,” advised Runa Sandvik, the former senior director for information security at The New York Times. “Have a plan in place….