Twitter, Washington Post targeted by hackers

NEW YORK (AP) — Social media giant Twitter

is among the latest U.S. companies to report that it is among a growing

list of

victims of Internet security attacks, saying that hackers may have

gained access to information on 250,000 of its more than

200 million active users. And now, The Washington Post is joining

the chorus, revealing the discovery of a sophisticated cyberattack

in 2011.

Twitter said in a blog post on Friday it detected attempts to gain access to its user data earlier in the week. It shut down

one attack moments after it was detected.

But Twitter discovered that the attackers

may have stolen user names, email addresses and encrypted passwords

belonging to

250,000 users they describe as "a very small percentage of our

users." The company reset the pilfered passwords and sent emails

advising the affected users.

The Twitter attack comes on the heels of recent hacks into the computer systems of U.S. companies, including The New York

Times and The Wall Street Journal. Both newspapers reported this week that their computer systems had been infiltrated by

China-based hackers, likely to monitor media coverage the Chinese government deems important.

On Friday, The Washington Post disclosed in

an article published on its website that it was also the target of a

sophisticated

cyberattack, which was discovered in 2011 and was first reported

by an independent cybersecurity blog. Washington Post spokeswoman,

Kris Coratti, didn't offer any details including the duration of

the attack or the origins. But according to sources that

the newspaper quoted, who it said spoke on condition of anonymity,

the intruders gained access as early as 2008 or 2009. According

to the sources, Chinese hackers are also suspected.

Coratti couldn't be reached immediately for comment by The Associated Press. According to her comments made to the newspaper,

the company worked with security company Mandiant to "detect, investigate and remediate the situation promptly at the end

of 2011."

China has been accused of mounting a

widespread, aggressive cyber-spying campaign for several years, trying

to steal classified

information and corporate secrets and to intimidate critics. The

Chinese foreign ministry could not be reached for comment

Saturday, but the Chinese government has said those accusations

are baseless and that China itself is a victim of cyberattacks.

Twitter didn't provide any clues as to

whether it believes that China was behind its hack. However, the blog

post by the company's

director of information security, Bob Lord, made clear that the

hackers knew what they were doing. Lord said in the blog that

the attack "was not the work of amateurs, and we do not believe it

was an isolated incident."

"The attackers were extremely sophisticated,

and we believe other companies and organizations have also been

recently similarly

attacked," Lord said. "For that reason we felt that it was

important to publicize this attack while we still gather information,

and we are helping government and federal law enforcement in their

effort to find and prosecute these attackers to make the

Internet safer for all users."

Reached on Saturday, Twitter spokesman Jim Prosser had no further comment.

Based on the few details released about the

Twitter and Washington Post attacks it's hard to say whether Chinese

hackers were

involved, said Rich Mogull, CEO of Securosis, an independent

security research and advisory firm. There are certain pieces

of malicious software that are characteristic to Chinese hackers,

he said, but "the problem is not enough has been made public."

One theory is that the Twitter hack happened

after an employee's home or work computer was compromised through

vulnerabilities

in Java, a commonly used computing language whose weaknesses have

been well publicized. Independent privacy and security researcher

Ashkan Soltani said such a move would give attackers "a toehold"

in Twitter's internal network, potentially allowing them

either to sniff out user information as it traveled across the

company's system or break into specific areas, such as the

authentication servers that process users' passwords.

The relatively small number of users affected suggests that attackers weren't on the network long or that they were only able

to compromise a subset of the company's servers, Soltani said.

Twitter is generally used to broadcast messages to the public, so the hack might not immediately have yielded any important

secrets. But the stolen credentials could be used to eavesdrop on private messages or track which Internet address a user

is posting from.

That might be useful, for example, for an authoritarian regime trying to keep tabs on a journalist's movements.

"More realistically, someone could use that as an entry point into another service," Soltani said, noting that since few people

bother using different passwords for different services, a password stolen from Twitter might be just as handy for reading

a journalist's emails.