
Multiple sources are reporting that hackers have penetrated the email system of the White House.
People described as “US government cyber experts” are said to suspect the cyber raids were sponsored by the Chinese government. These sophisticated, targeted attacks repeatedly penetrated the unclassified network’s defenses. The breaches seem to closely follow the “Grain of Sands” technique used by Chinese intelligence agencies.
The “Grain of Sands” is a methodology used to derive intelligence from disparate pieces of data, no matter how seemingly trivial, as each data point might just be the final little piece that completes the puzzle. It is important to note that inside sources tell us that the classified network and systems were NOT compromised.
This comes just days after Newsweek reported that both the Obama and McCain campaigns had their security breached by overseas hackers. Reportedly a significant amount of data had been exfiltrated. Intelligence analysts at Spy-Ops believe that the hacks and data transfers were a concerted effort to track the candidates’ policy positions, which could aid in future negotiations with the United States. The FBI and U.S. Secret Service had notified both campaigns of the security breach in late August.
At first, the campaign security thought it was just another “phishing” attack, using common methods. One source said the FBI told them: “You have a problem way bigger than what you understand. You have been compromised, and a serious amount of files have been loaded off your system.” Unofficial sources tell us that the attacks were traced back to Russia, China and an un-named third country.
This is at least cyber espionage, or is it an act of cyber war? Are we at Cyber DefCom 1? A clear-cut cyber warfare doctrine is needed to answer these questions.
– Kevin Coleman [EDITOR: Please be sure to take a look at the transcript of last week’s interview with Kevin on the DT Live Q&A]


Why has this not been addressed? Acts like this are cause for war. No one will say or do anything until they attack our power grid? I feel we have to know more than we let on considering all traffic flows through NA. I wonder why we don’t attack in return. I understand not wanting to give away our capabilities, but we can attack and blame it on others or develop a totally independent system for a secure backup. Maybe the AF has too many things going on? A new branch of mil for CyberWar? Best of the best from all branches, etc.
I read that transcript and the country needs a cyber warfare doctrine. We also need to consider the implications of whether a country should be held responsible for a debilitating cyber attack originating from within its borders. The unique nature of the internet makes it easy for countries to deny culpability for attacks originating within their borders.
It seems on the face of it similar to whether a country should be held partially responsible for terrorist attacks perpetrated against another country by groups which reside within its borders. I wish I had the chance to ask Kevin his views on the subject.
JT, a lot of traffic flows through the US, but it isn’t remotely accurate to say that “all” traffic (let alone most) is routed this way.
Kev, you’re slipping, I count at least four more spots where you could have used the word “cyber”…
I do wonder how the FBI knows how much data was copied (er, sorry, cyber-jacked) from the candidates’ systems. Not “wondering” in a conspiracy way, but as a matter of practical consideration. Or does the FBI somehow manage their servers? That seems unlikely but…
Drake
To answer your questions I would have to say it depends upon how solid the evidence is that a given country was actually the ones behind the cyber attack. The difference, as I see it from countries that harbor terrorists and those that harbor cyber attackers is that most countries do not know many computers within their borders have been compromised and can distinguish from those compromised and used as weapons in an attack by others and those that are purposely doing the attacking.
MAC (using cyber)
I have to get my Google ratings up somehow
I guess it comes down to whether an act of cyber espionage is cause for war. Although I don’t know, I would bet anything we have espionage efforts to find out what China and others are doing.
I am slightly concerned that ALL of the white house e-mail doesn’t have the same high level security as the top secret stuff.
If we find out for sure that China, Russia, or any other nation is sponsoring cyber terrorism against us, we ought to bring it into public light. Make a protest in the U.N., try to ruin their public image just like ours has been (although the blatant human rights violations and Russia’s aggression in Georgia help).
Anything more serious is hard to fathom. What will we do, economic sanctions? With our bad economy? War, against CHINA, especially now? Doesn’t seem like we have many more options other than tightening security.
Espionage, counter this and counter that.
How is it that the FBI knows exactly how much data was compromised, when they can’t even tell how much data is compromised at a bank?
How can we trust anything that has a White House, Watergate, Waco? These are the same people who rely on false information and pass it along as surreal. Come on guys, do not rely on the guys in Langley, get your own information and stick to it, and don’t use stat info (lies) when dealing with sensitive information that is being hacked.
Maybe we should employ NW3C at the White House to control the hackers there, or tell the White House to use something more available, like unix, linux, and signal 9 firewall.
In the first place, I take this opportunity to salute you all at military.com.
My message is simple and straightforward: we should all help to maintain the peace that we have enjoyed since the end of the 2nd World War.
For a kingdom that is divided against itself cannot stand [an old adage].
I believe in peace, unity, knowledge, wisdom and above all the fear of God.
With these working in our life, I am sure the world will be a better place to live in, not forgetting hard work.
I believe my colleagues/fellows will side with me.
Thank you.
Salute to you all!
Mac,
Are you kidding me?!? Not close?
http://www.wired.com/politics/security/news/2007/10/domestic_taps
That’s phone and internet. So not 100% flows through, but where is the backbone located? Where are some of the main switches located? (LA, NY, MIA) If that traffic was going somewhere else, the NSA would have just paid whomever to add that little room and not ask questions.
Point being, we can do more to address our vulnerabilities.
why should they hack into it? just wait and osama.obama. the raghead just elected will give it to them
What you don’t know is that they’re watching all of us right now..
There is no such thing as true security on any internet. Security has to be changed and resecured almost daily for there to be any semblance of security. If a man/woman can figure out a new system, there are at least a thousand others that can figure a way to break it in SHORT ORDER. I call anyone who transmits significantly important info on the net on a system more than a week old A FOOL.
Can someone in the government please tell me why the White House email system is NOT ENCRYPTED???? Good Lord people. PGP has been around forever, encrypt your laptops, all hard drives AND your email communications..
If the powers that be were smart, they would set up some type of “dummy” Whitehouse email/database that hackers could hack into, and voila, you could have some sort of direction on where the attacks are coming from w/out compromising real intelligence.
I was under the impression that if we elected Obama, that the world would love and respect us again. Why would the Chinese do this to us?
One thing’s for certain, the Obama administration will never spy on the Chinese or even prepare for a cyber-counterattack. That would be against the law and a violation of the Chinese military’s civil rights.
First off, the email we are talking about is the external-facing email system for the White House, i.e. President@whitehouse.gov, not the internal email system at all, which I am sure is encrypted. Having said that, this is the kind of problem that I have been talking about. We are constantly distracted by news of SPAM, phishing and DDoS attacks when the real problem is sophisticated, well funded/organized groups spending time to find real vulnerabilities in important systems. Mostly this will be used to collect information (cyber espionage). These attacks will also mostly be state sponsored, but not always.
To the questions of cyber espionage or cyber war. This is cyber espionage, just like physical espionage it needs to be watched out for but it’s really not much different. You could have cyber attacks that are warfare (attacking power stations, shutting down financial systems, etc) but it would have to be something other than just collecting data, collecting data is espionage.
As an Army Officer working for the Defense Information Systems Agency, it is certainly inviting to delve into the tactical level technical aspects of this discussion. However, I believe there is some merit in taking a look at the strategic issues involved here. Drake says below,