Connect with us

Hi, what are you looking for?



Officials Downplay Cyber Attack Against White House Military Office

On Sunday night, news broke that hackers, allegedly linked to the Chinese government, managed to break into a system used by the White House Military Office (WHMO) for nuclear commands.

Senate Stalls with Amendments to Cybersecurity Bill

On Sunday night, news broke that hackers, allegedly linked to the Chinese government, managed to break into a system used by the White House Military Office (WHMO) for nuclear commands.

Senate Stalls with Amendments to Cybersecurity Bill

Bill Gertz of The Washington Free Beacon, broke the story, citing defense and intelligence officials familiar with the incident.

According to Gertz’s sources, “the cyber breach was one of Beijing’s most brazen cyber attacks against the United States and highlights a failure of the Obama administration to press China on its persistent cyber attacks.”

While the attack may have been a bold attempt to gain access into one of Washington’s most sensitive networks, the White House is downplaying the attack.

“This was a spear phishing attack against an unclassified network,” a White House spokesperson told SecurityWeek. “These types of attacks are not infrequent and we have mitigation measures in place.”

And according to the White House, while the attackers may have found an entry point into a sensitive network, the attack was identified and stopped quickly.

“In this instance the attack was identified, the system was isolated, and there is no indication whatsoever that any exfiltration of data took place,” the spokesperson added. “Moreover, there was never any impact or attempted breach of any classified system.”

Advertisement. Scroll to continue reading.

Whil these types of attacks may be unsettling, they should come as no surprise, as they happen every day, against both private organizations and government agencies.

“The White House Military Office provides military support for White House functions, including food service, Presidential transportation, medical support and emergency medical services, and hospitality services,” the White House web site explains.

Additionally, the WHMO Director oversees military operations on Air Force One as the Presidential aircraft travels around the world.

The WHMO’s operational units include the White House Communications Agency, Presidential Airlift Group, White House Medical Unit, Camp David, Marine Helicopter Squadron One, Presidential Food Service, and the White House Transportation Agency. For the curious, you can learn more about the White House Military Office here.

Not only did a source tell Gertz that the attack was linked to China, they went further to say specifically that it was likely the work of “Chinese military cyber warfare specialists under the direction of a unit called the 4th Department of General Staff of the People’s Liberation Army, or 4PLA.”

The White House would not comment to SecurityWeek on who they believe was responsible for the attack or comment on dates of when the attack occurred.

While some argue that China is being overly-blamed for cyber attacks, it’s no secret that the super power of the East is targeting U.S. Government secrets, and has obtained troves of sensitive and classified data from government and defense contractors over the years.

“It’s getting harder and harder for China’s leaders to claim ignorance and innocence as to the massive electronic reconnaissance and cyber intrusions activities directed by Chinese interests at the U.S. government and our private sector,” Michael Wessel, Commissioner of the U.S.-China Economic and Security Review Commission, said in a report released by Northrop Grumman back in March 2012.

“While [The White House] stated that there is no indication that classified information has been compromised, the attack was aimed at the most sensitive part of American national security – reportedly strategic nuclear and presidential communications including the President’s travel,” Anup Ghosh, CEO of Invincea and a former scientist at the Defense Advanced Research Projects Agency (DARPA), told SecurityWeek.

Ghosh agreed that it might be too early to be pointing fingers at China.

“While some reporting is that this attack is being attributed to China, we should not jump too quickly to this conclusion as it is still to preliminary to determine conclusively,” Ghosh said. “We do know that over the past 24 months China has been aggressively targeting America’s corporations for their intellectual property and our government agencies and departments for critical national security information.” 

“The White House, every Fortune 1,000 and Global 2,000 organization – medium sized business, small business, consumers – ALL are at risk from spear-phishing attacks,” Ghosh said.

And according to Ghosh, the United States appears to be on the losing end of an aggressive cyber conflict waged by nation states, organized cyber criminals and hacktivists: “We need to understand this as well as demand solutions to address these attacks because our national security and our competitive futures are at stake. We need to give this critical priority – it needs to be a discussion at every level of our government and we must rapidly adopt new technologies to protect our nation from this threat.”

Related: A Convenient Scapegoat – Why All Cyber Attacks Originate in China

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet


The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...


Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...


Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.


ENISA and CERT-EU warn of Chinese threat actors targeting businesses and government organizations in the European Union.