Hacking isn't nice

Brian Stelter has an article in The New York Times about hacking:

It might just be the most worrisome letter to the editor any news organization can receive.PBS fought oto restore the Web sites for two news programs on public television, Frontline and PBS NewsHour, both crippled by hackers who said they were angered by coverage of WikiLeaks.
The incidents were the latest examples of what security experts call “reputational attacks” on media companies that publish material that the hackers disagree with. Such companies are particularly vulnerable to such attacks because many of them depend on online advertising and subscription revenue from websites that can be upended by the clicks of a hacker’s keyboard and because, unlike other targets, like government entities and defense contractors, they are less likely to have state-of-the-art security to thwart attacks.
The PBS attack was said to be motivated by a Frontline film about WikiLeaks that was broadcast and published online on 24 May. Some supporters of Julian Assange, the WikiLeaks founder, and Bradley Manning, a soldier who is suspected of having shared hundreds of thousands of government files with WikiLeaks, criticized the film and claimed that it portrayed the two men in a negative light.
When the anonymous hackers posted a fake news article on a PBS blog and published passwords apparently obtained from PBS servers late Sunday night, they attached complaints about the film, which was titled WikiSecrets.
Staff member at PBS said they were appalled by the hackings— perceived to be attempts to chill independent journalism— and, to a lesser extent, by the long delay in having the sites restored. In a telephone interview, David Fanning, the executive producer of Frontline, called the incidents a “real intrusion into the press” and said they should not be characterized as mere pranks. “This is what repressive governments do,” he said. “This is what people who don’t want information out in the world do; they try to shut the presses.” Mr. Fanning said Frontline included multiple points of view in WikiSecrets and provided forums for criticism of the film. Other staffers, speaking anonymously because they had not been authorized by PBS to speak on the record, did not point the finger for the hack directly at WikiLeaks, but some did suggest that it would be hypocritical for any supporters of such a group to try to tamp down on freedom of information.
From time to time, other news organizations have wound up in the bull’s-eye of hacker groups, sometimes after they have published unflattering information about those very groups.
Last December, websites belonging to Gawker Media were forced to stop publishing when hackers gained access and stole the names and passwords of some users. Gawker had been critical of hacker groups like the one called Anonymous that had attacked security firms and websites of the Egyptian government.
The group that claimed responsibility for the PBS attack this week, called Lulzsec, also hacked Fox.com, the Web site of the Fox broadcast network, earlier this spring and divulged personal information about some of the potential contestants on a reality show. “We don’t like you very much,” the group wrote in a letter touting the successful break-in.
Individual subjects of media coverage have also been known to retaliate using hacking tactics: in a well-publicized case that led to a conviction last year, a New Jersey man spread a computer virus that searched for mentions of his name in online articles and tried to shut down the hosts of those articles.
The PBS attack appeared to start with Sunday’s publication of a fake news article about the rapper Tupac Shakur being spotted alive in New Zealand. (He died in 1996.) Then, on Monday afternoon, the Frontline site was infiltrated, Mr. Fanning said. Comparing it to a rock being chucked through a storefront window, he said, “I don’t believe it will in any way hinder our continuing reporting on these sorts of subjects, but it is a cautionary note.”
Among the news sources affected was Tehran Bureau, a well-regarded source of news about Iran that is operated under the Frontline umbrella. The websites appeared to be back online on Tuesday afternoon.
Robert Corn-Revere, a partner at the law firm Davis Wright Tremaine who specializes in First Amendment law, compared the hacking incident to the vandalism of a newspaper box or the theft of the papers from the box. “Something like that is not a protected First Amendment act, even though you’re expressing frustration with a newspaper,” he said.
When the website for PBS NewsHour was disrupted, staffers turned to sites like YouTube, where they posted Monday’s newscast, and Tumblr, where they published transcripts and the news organization’s features. PBS said that visitors to the sites did not have their personal information compromised, as has occurred in other hacking cases. “As this breach shows, there’s more than just personally identifiable information at risk,” said Phil Blank, a security analyst with Javelin Strategy & Research. Many websites, he said, fail to take appropriate steps to combat “website defacing” and “reputational risk.” In the event of a hacker attack, news organizations, he said, “lose both ways— they lose from the ‘Gee, don’t they take care of their website?’ perspective, and they lose from the ‘How do I know the information they’re putting out is accurate?’ perspective.”