How the New York Times cleaned house after its hack attack
If your house was infested with mice, the chances are that you would call a pest control firm to get rid of them.
Once they had done their work, you might go as far as to replace some of the furniture nibbled by the rodents but you probably wouldn’t replace every single item they had touched.
Yet that was the approach taken by the New York Times when it cleaned house after its internal network was infested by a more modern nuisance – computer hackers.
Every device, be it a laptop or chunk of network hardware, known or thought to have been compromised by the Chinese hackers was thrown out and replaced with a shiny, and more importantly, clean machine.
The newspaper wanted to be sure that no trace of the hackers remained.
In addition, the NYT beefed up its defences, blocked access from other compromised machines that had been used to get into its network and found and removed every back door into the newspaper’s network.
The decision to replace computers was motivated by the all-encompassing access that the attackers had to the NYT network. In an article detailing the attack, the NYT said the Chinese attackers had access for at least four months.
Graham Cluley, senior technology consultant at security company Sophos, which often helps companies cope with intrusions by hackers, said replacing all those machines was “a bit extreme”.