VirtualThreat Contributing Writer
Sources within the White House and U.S. military partially confirmed that Chinese attackers hacked the White House Military network. The White House Military Office (WHMO) is in charge of the network that holds the commands for the President’s nuclear “Football”.
A White House national security official stated the security breach involved a spear phishing attack on a White House Communications Agency staff member. A spear phishing attack is accomplished by sending a forged email to a carefully targeted victim, or set of victims. The email is typically crafted using a fake sender’s name and reply-to address as well as an official-sounding subject line and message. Generally the email includes an infected file containing malware (such as a PDF file or Word doc) or a link leading to a web page that the hacker can use to infect the victim.
Either way, the attack generally results in a “reverse shell”, a tunnel that connects back to the hacker, allowing the transport of data and commands. With command access the attacker can also use the newly infected system as a way to launch further attacks on the network and other equipment attached to it. Once these backdoors are created in the system, it is almost impossible to tell how much or what kind of files the hackers have taken, or worse, left behind.
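A mail-gateway style check for the forged sender name and reply-to address described above, added here as an illustration and not taken from the article or from any agency's tooling. The sender directory, the domains and both sample messages are constructed for the example.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumed for this example: known display names and the domain they really use.
KNOWN_SENDERS = {"jane doe": "agency.example"}
RISKY_EXTENSIONS = (".pdf", ".doc", ".docx")

def name_and_domain(header_value):
    """Return (lowercased display name, lowercased domain) of an address header."""
    name, addr = parseaddr(header_value or "")
    return name.strip().lower(), addr.rpartition("@")[2].lower()

def phishing_indicators(raw_message):
    """List the forged-header traits found in one RFC 5322 message."""
    msg = message_from_string(raw_message)
    findings = []
    from_name, from_domain = name_and_domain(msg["From"])
    _, reply_domain = name_and_domain(msg["Reply-To"])
    # Replies routed to a different domain than the visible sender.
    if reply_domain and reply_domain != from_domain:
        findings.append("reply-to-mismatch")
    # A familiar display name paired with an address outside its real domain.
    expected = KNOWN_SENDERS.get(from_name)
    if expected and from_domain != expected:
        findings.append("display-name-spoof")
    # Report document attachments only when the headers already look forged.
    forged = bool(findings)
    for part in msg.walk():
        filename = (part.get_filename() or "").lower()
        if forged and filename.endswith(RISKY_EXTENSIONS):
            findings.append("document-attachment:" + filename)
    return findings

# Constructed sample messages (no real content).
SAMPLE_FORGED = """\
From: "Jane Doe" <jane.doe@agency-mail.example>
Reply-To: ops@collector.example
Subject: Updated travel schedule
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: application/pdf
Content-Disposition: attachment; filename="Schedule.pdf"

(constructed placeholder)
--b1--
"""
SAMPLE_LEGIT = 'From: "Jane Doe" <jane.doe@agency.example>\nSubject: Lunch\n\nNoon?\n'
if __name__ == "__main__":
    print(phishing_indicators(SAMPLE_FORGED))
```

Header checks like these catch only the forgery traits named above; a message sent from a compromised legitimate account would pass them.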
A White House official told Fox News, “These types of attacks are not infrequent and we have mitigation measures in place … In this instance the attack was identified, the system was isolated, and there is no indication whatsoever that any exfiltration of data took place.”
However, Free Beacon reported that the United States government’s most sensitive networks were targeted in the attack last month. “This is the most sensitive office in the U.S. government … A compromise there would cause grave strategic damage to the United States,” said one former senior U.S. intelligence official.
The WHMO holds many national secrets, including data on the much-talked-about “nuclear football,” the nuclear command and control suitcase carried by the president in times of war. The “football” allows the President to be in continuous communication with strategic commanders for launching nuclear attacks. The White House Military Office is also in charge of sensitive government continuity ops during wartime.
“The White House network would be the crown jewel of that [Chinese hacking] campaign so it is hardly surprising that they would try their hardest to compromise it,” said Dmitri Alperovitch with CrowdStrike.
Rear Adm. Samuel Cox, Cyber Command director of intelligence, told Reuters, “Their level of effort against the Department of Defense is constant,” and efforts to steal economic secrets are increasing.
“It’s continuing apace,” Cox said of Chinese cyber-espionage. “In fact, I’d say it’s still accelerating.”