Security Experts:

Officials Downplay Cyber Attack Against White House Military Office

On Sunday night, news broke that hackers, allegedly linked to the Chinese government, managed to break into a system used by the White House Military Office (WHMO) for nuclear commands.

Senate Stalls with Amendments to Cybersecurity Bill

Bill Gertz of The Washington Free Beacon, broke the story, citing defense and intelligence officials familiar with the incident.

According to Gertz’s sources, “the cyber breach was one of Beijing’s most brazen cyber attacks against the United States and highlights a failure of the Obama administration to press China on its persistent cyber attacks.”

While the attack may have been a bold attempt to gain access into one of Washington’s most sensitive networks, the White House is downplaying the attack.

“This was a spear phishing attack against an unclassified network,” a White House spokesperson told SecurityWeek. “These types of attacks are not infrequent and we have mitigation measures in place.”

And according to the White House, while the attackers may have found an entry point into a sensitive network, the attack was identified and stopped quickly.

“In this instance the attack was identified, the system was isolated, and there is no indication whatsoever that any exfiltration of data took place,” the spokesperson added. “Moreover, there was never any impact or attempted breach of any classified system.”

Whil these types of attacks may be unsettling, they should come as no surprise, as they happen every day, against both private organizations and government agencies.

“The White House Military Office provides military support for White House functions, including food service, Presidential transportation, medical support and emergency medical services, and hospitality services,” the White House web site explains.

Additionally, the WHMO Director oversees military operations on Air Force One as the Presidential aircraft travels around the world.

The WHMO's operational units include the White House Communications Agency, Presidential Airlift Group, White House Medical Unit, Camp David, Marine Helicopter Squadron One, Presidential Food Service, and the White House Transportation Agency. For the curious, you can learn more about the White House Military Office here.

Not only did a source tell Gertz that the attack was linked to China, they went further to say specifically that it was likely the work of “Chinese military cyber warfare specialists under the direction of a unit called the 4th Department of General Staff of the People’s Liberation Army, or 4PLA.”

The White House would not comment to SecurityWeek on who they believe was responsible for the attack or comment on dates of when the attack occurred.

While some argue that China is being overly-blamed for cyber attacks, it’s no secret that the super power of the East is targeting U.S. Government secrets, and has obtained troves of sensitive and classified data from government and defense contractors over the years.

“It's getting harder and harder for China's leaders to claim ignorance and innocence as to the massive electronic reconnaissance and cyber intrusions activities directed by Chinese interests at the U.S. government and our private sector,” Michael Wessel, Commissioner of the U.S.-China Economic and Security Review Commission, said in a report released by Northrop Grumman back in March 2012.

“While [The White House] stated that there is no indication that classified information has been compromised, the attack was aimed at the most sensitive part of American national security – reportedly strategic nuclear and presidential communications including the President’s travel,” Anup Ghosh, CEO of Invincea and a former scientist at the Defense Advanced Research Projects Agency (DARPA), told SecurityWeek.

Ghosh agreed that it might be too early to be pointing fingers at China.

“While some reporting is that this attack is being attributed to China, we should not jump too quickly to this conclusion as it is still to preliminary to determine conclusively,” Ghosh said. “We do know that over the past 24 months China has been aggressively targeting America’s corporations for their intellectual property and our government agencies and departments for critical national security information.” 

“The White House, every Fortune 1,000 and Global 2,000 organization – medium sized business, small business, consumers – ALL are at risk from spear-phishing attacks,” Ghosh said.

And according to Ghosh, the United States appears to be on the losing end of an aggressive cyber conflict waged by nation states, organized cyber criminals and hacktivists: “We need to understand this as well as demand solutions to address these attacks because our national security and our competitive futures are at stake. We need to give this critical priority – it needs to be a discussion at every level of our government and we must rapidly adopt new technologies to protect our nation from this threat.”

Related: A Convenient Scapegoat - Why All Cyber Attacks Originate in China