In the days just before the January 6 attack at the US Capitol Building in 2021, a flurry of emails with seemingly anodyne subject lines started landing in the inboxes of White House correspondents and other journalists who cover national politics. Those subject lines, pulled from recent US news articles, read like quick blasts of news filtered through a distinctly partisan lens: US issues Russia threat to China. Trump Call to Georgia Official Might Violate State and Federal Law. And, Jobless Benefits Run Out as Trump Resists Signing Relief Bill.
In reality, those were emails sent by Chinese hackers, part of a sprawling intelligence collection campaign detailed in recent days by Proofpoint
More ominously, though, that specific effort was just one of a multitude of state-backed hacking campaigns targeting US-based journalists tracked by the Proofpoint team. And not only have those efforts intensified in recent years, to include cyberattacks originating everywhere from North Korea to Iran that target US journalists.
Ominously, Proofpoint’s newly released analysis has also found these and other hackers relying on a sophisticated suite of tools including phishing emails as recently as just a few weeks ago, all in an effort to burrow into computer systems and access sensitive information that journalists via their high-profile sources are often privy to.
Hackers, regardless of state affiliation, “have and will likely always have a mandate to target journalists and media organizations and will use associated personas to further their objectives and collection priorities,” Proofpoint’s report warns. “From intentions to gather sensitive information to attempts to manipulate public perceptions, the knowledge and access that a journalist or news outlet can provide is unique in the public space.
“Targeting the media sector also lowers the risk of…