U.S. Reporter May Have Been Chinese Cyberpawn
Political journalist Bruce Stokes' name was used to help further what may have been a Chinese cyberespionage plot, according to information found in U.S. diplomatic cables unveiled by WikiLeaks.
The Washingtonian reports that in 2009, five U.S. State Department employees who were negotiating with Chinese counterparts to reduce greenhouse-gas emissions received e-mails from someone whom they believed to be Stokes. He is a writer for the National Journal, a weekly magazine aimed at Washington insiders.
The e-mails bore Stokes' name and contact information, and even included comments pertaining to each recipient's job. But the e-mail address did not originate from an official National Journal account, and attached to each message was a Trojan horse an innocuous-seeming file containing a computer virus.
If the file were opened, the malware inside would allow whoever was behind it to gain access to the affected computer and steal sensitive information.
This type of cleverly crafted, targeted e-mail is consider part of a spear phishing attack. Such campaigns are especially effective because at first glance the e-mails appear legitimate, and often even include a personalized message from the supposed sender.
The Washingtonian writer believes Stokes was targeted by Chinese cyberspies because of his strong political connections his wife, Wendy Sherman, was President Bill Clinton's policy coordinator on North Korea, and Todd Stern, the U.S. climate-change envoy, is Stokes' longtime friend.
It is not known whether the State Department employees opened the malicious attachments, but the leaked cable says the targeted computers were using a security measure that would have prevented infection.