In, I Was Hacked in Beijing, New York Times reporter Andrew Jacobs details the break-in of his Yahoo e-mail account while in China. As he described in a related story, Journalists’ E-Mails Hacked in China, his e-mail troubles were far from unique. He writes:
“In what appeared to be a coordinated assault, the e-mail accounts of more than a dozen rights advocates, academics and journalists who cover China have been compromised by unknown intruders … The infiltrations, which involved Yahoo e-mail accounts, appeared to be aimed at people who write about China and Taiwan, rendering their accounts inaccessible …”
The worst problems are the ones you don’t know about. Reporters whose accounts were disabled, were relatively lucky. Jacobs, on the other hand had his e-mail silently diverted. As he puts it, “In the case of this reporter, hackers altered e-mail settings so that all correspondence was surreptitiously forwarded to another e-mail address.”
Reporters covering China may be the worst case scenario, but they are not alone in needing to increase the security of their e-mail. What follows are some suggestions that apply to anyone whose e-mail contains information they consider sensitive.
Yahoo presents vulnerabilities
Using Yahoo for e-mail was, perhaps, the first mistake these reporters made. One victimized reporter said, “I’m angry at the Chinese, but I blame Yahoo for allowing this to happen.” In fairness, there is no way to know who/what was at fault in these cases. But one reporter had his account disabled due to “an issue.” What does this mean? The reporter contacted Yahoo and never got a reply.
Read the rest at eSecurity Planet.