Hackers linked to China’s government broke into one of the U.S. government’s most sensitive computer networks, breaching a system used by the White House Military Office for nuclear commands, according to defense and intelligence officials familiar with the incident.
One official said the cyber breach was one of Beijing’s most brazen cyber attacks against the United States and highlights a failure of the Obama administration to press China on its persistent cyber attacks.
Disclosure of the cyber attack also comes amid heightened tensions in Asia, as the Pentagon moved two U.S. aircraft carrier strike groups and Marine amphibious units near waters by Japan’s Senkaku Islands.
China and Japan—the United States’ closest ally in Asia and a defense treaty partner—are locked in a heated maritime dispute over the Senkakus, which China claims as its territory.
U.S. officials familiar with reports of the White House hacking incident said it took place earlier this month and involved unidentified hackers, believed to have used computer servers in China, who accessed the computer network used by the White House Military Office (WHMO), the president’s military office in charge of some of the government’s most sensitive communications, including strategic nuclear commands. The office also arranges presidential communications and travel, and inter-government teleconferences involving senior policy and intelligence officials.
An Obama administration national security official said: “This was a spear phishing attack against an unclassified network.”
Spear phishing is a cyber attack that uses disguised emails to convince recipients at a specific organization to provide confidential information. Spear phishing in the past has been linked to China and other states with sophisticated cyber warfare capabilities.
The official described the type of attack as “not infrequent” and said there were unspecified “mitigation measures in place.”
“In this instance the attack was identified, the system was isolated, and there is no indication whatsoever that any exfiltration of data took place,” the official said.
The official said there was no impact or attempted breach of a classified system within the office.
“This is the most sensitive office in the U.S. government,” said a former senior U.S. intelligence official familiar with the work of the office. “A compromise there would cause grave strategic damage to the United States.”
Security officials are investigating the breach and have not yet determined the damage that may have been caused by the hacking incident, the officials said.
Despite the administration national security official’s assertion, one defense official said there is fairly solid intelligence linking the penetration of the WHMO network to China, and there are concerns that the attackers were able to breach the classified network.
Details of the cyber attack and the potential damage it may have caused remain closely held within the U.S. government.
However, because the military office handles strategic nuclear and presidential communications, officials said the attack was likely the work of Chinese military cyber warfare specialists under the direction of a unit called the 4th Department of General Staff of the People’s Liberation Army, or 4PLA.
It is not clear how such a high-security network could be penetrated. Such classified computer systems are protected by multiple levels of security and are among the most “hardened” systems against digital attack.
However, classified computer systems have been compromised in the past using several methods. They include the insertion of malicious code through a contaminated compact flash drive; a breach by a trusted insider, as in the case of the thousands of classified documents leaked to the anti-secrecy website WikiLeaks; and compromised security encryption used for remote access to secured networks, as occurred with the recent compromise involving the security firm RSA and several major defense contractors (via freebeacon.com).