The Washington Post is investigating a cyber-attack on the email accounts of some of its journalists.

According to a source familiar with the matter, an internal memo reviewed by Reuters and an article by the Wall Street Journal, the intrusion was discovered on Thursday and the newspaper immediately initiated an investigation.

The incident saw all Post employees have their passwords reset, with executive editor Matt Murray saying that the intrusion was not thought to have had any impact on any additional Post systems or on customers.

Intruder Access

The WSJ report added that staffers at the Washington Post were told the intrusions compromised journalists' Microsoft accounts and could have granted the intruder access to work emails.

The reporters whose emails were targeted included members of the national security and economic policy teams, including some who write about China, the report added.

Dr. Ilia Kolochenko, CEO at ImmuniWeb and a Fellow at the British Computer Society, said: “Sadly, well-known journalists have always been in the crosshairs of various cyber-threat actors. The journalists frequently get a lot of explosive information from confidential sources and whistleblowers, which may represent a great risk or interest for nation states, organised crime and business conglomerates.

"Moreover, even if the information is not related to an entity that procures a cyber-attack against media, it may be exploited for blackmailing against journalists and their sources, as well as the entities who are exposed in the journalistic materials – as not all information received by journalists becomes public."

Kolochenko said that in view of the swiftly unfolding geopolitical crisis around the globe, we should expect the number of sophisticated attacks against reputable media to surge this year – both to compromise sensitive data and try to launch global misinformation campaigns.

Tailored Attacks

Jake Moore, global cybersecurity advisor at ESET, said: “The selective and tailored attacks of those who cover specific areas suggest a very strategic approach and by no means a phishing exercise.

“It also shows the extreme lengths nation state actors can and will go in targeting foreign narratives and agendas at an attempt to dampen down some stories. The relentless attempts to pick out direct people delivers disruption as well as a clear message to the industry as a whole.”

Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.