Chinese Computer Hackers Break Into White House Military Network

Chinese Computer Hackers Break Into White House Military Network






Bill Gertz has the grim news in the Washington Free Beacon:
Hackers linked to China's government broke into one of the U.S. government's most sensitive computer networks, breaching a system used by the White House Military Office for nuclear commands, according to defense and intelligence officials familiar with the incident.
One official said the cyber breach was one of Beijing's most brazen cyber attack against the United States and highlights a failure of the Obama administration to press China on its persistent cyber attacks.
Disclosure of the cyber attack also comes amid heightened tensions in Asia, as the Pentagon moved two U.S. aircraft carrier strike groups and Marine amphibious units near waters by Japan's Senkaku islands.
China and Japan-the United States' closest ally in Asia and a defense treaty partner-are locked in a heated maritime dispute over the Senkakus, which China claims as its territory.
U.S. officials familiar with reports of the White House hacking incident said it took place earlier this month and involved unidentified hackers, believed to have used computer servers in China, who accessed the computer network used by the White House Military Office (WHMO), the president's military office in charge of some of the government's most sensitive communications, including strategic nuclear commands. The office also arranges presidential communications and travel, and inter-government teleconferences involving senior policy and intelligence officials.
An Obama administration national security official said: "This was a spear phishing attack against an unclassified network."
Spear phishing is a cyber attack that uses disguised emails that seek to convince recipients of a specific organization to provide  confidential information. Spear phishing in the past has been linked to China and other states with sophisticated cyber warfare capabilities.
The official described the type of attack as "not infrequent" and said there were unspecified "mitigation measures in place."
"In this instance the attack was identified, the system was isolated, and there is no indication whatsoever that any exfiltration of data took place," the official said.
The official said there was no impact or attempted breach of a classified system within the office.
Teenagers? Or Chinese government sponsored criminals? It sounds like the hacking job was unremarkable - the attack was on an unclassified network - so amatuers looking for a thrill might have been responsible.
But it also may have been a test by professionals. Government hackers may have accessed the network to gauge our response to an attack. They also may have been looking for an "in" to more sensitive parts of the system.
Let's hope this was a wake up call to our cyber security people.