The New York Times says Chinese hackers have repeatedly launched cyber attacks against its website and journalists since the paper angered Beijing by posting an article exposing the wealth of a senior politician.
In a detailed report published Thursday, the newspaper says hackers used tactics known to be employed by the Chinese military to break into its network and steal the email passwords of several senior reporters and other employees.
The paper says the attacks began about the same time it published a blockbuster October story detailing $2.7 billion allegedly accumulated by the family of outgoing Chinese Premier Wen Jiabao.
At the time, China reacted angrily to the story, which threatened the reputation of a leader known for his clean image. It immediately blocked the Times' English and Chinese websites and threatened unspecified "consequences" for the story.
On Thursday, foreign ministry spokesperson Hong Lei called the hacking charges "irresponsible" and "baseless."
"According to some investigative results, which showed no proof and had uncertain evidence and a baseless conclusion, China had participated in online attacks. That is a totally irresponsible conclusion. China is also a victim of online attacks. China's laws clearly ban online attacks."
The Times says the hacking attempt was discovered, in part, by Mandiant, a computer security company, which alerted the Times to the cyber attacks just one day after the Wen Jiabao article was published.
The paper does not know how the hackers broke into its network, but it suspects they used an email to employees containing malicious links or attachments. It says they were soon able to steal the corporate passwords for "every Times employee."
The hackers then used the passwords to access dozens of employees' personal computers, with the apparent aim of finding the sources of information for the article. It says the primary target was Shanghai bureau chief David Barboza, who wrote the article.
Jill Abramson, executive editor of the Times, says hackers were not able to access sensitive emails or files from the article on Mr. Wen, which relied on publicly available records such as corporate documents. The paper also says no customer data was stolen.
The paper says, when Mandiant security officials became aware of the attack, they allowed the hackers to "spin a digital web" for four months in an effort to discover their identity. The investigation showed that hackers tried to conceal their activities by routing their attacks through computers at universities in the United States. They also tried to hide their location by continually switching IP addresses, a code that identifies computers on a network.
Other details suggested that the source of the attacks was China. The paper says hacker teams regularly attacked the system, beginning at 8 am. Beijing time, continuing for a standard work day.
The security company says those methods are consistent with previous cyber attacks associated with the Chinese military, which observers say regularly outsources cyber attacks and uses other ways to conceal its activities.
The Times says it has expelled the attackers by blocking the compromised outside computers, changing every employee password and undertaking other security measures. But it says it expects more hacking attempts in the future.
Despite the Chinese refusal of the hacking charges, the latest story seems to have further upset Chinese leadership. In addition to the angry responses by the foreign ministry and defense officials, Chinese censors worked furiously to delete conversations about the controversy on domestic social media sites.