Washington Post Journalists Targeted in Cyberattack

The Washington Post was the subject of a cyberattack, according to news broken by The Wall Street Journal. Among the affected employees were journalists covering topics such as national security and economic policy. 

“Attacks against journalists are a serious problem,” says Roger Grimes, Data-Driven Defense Evangelist at KnowBe4. “In most cases, the journalist has to click on a rogue link and somehow get tricked into running the malware. However, there are many commercial surveillance vendors (CSVs) with many zero-days that require zero clicks by the targeted journalist. This is a very serious problem and the cybersecurity world is trying to come to grips with how to treat CSVs who create and deploy zero-click zero-days. It’s a real problem that our industry is just starting to try and grapple with. It’s not helped when different governments, even our own government and its allies, also use these services. When they do, it’s harder to say do as I say but not as I do.”

The Washington Post discovered the hack last Thursday. The newspaper then reset login credentials for all employees the following day. 

At this time, it is not known who is behind the cyberattack.