The White House sustained a cyber attack with officials saying it successfully protected all systems.
In a rare move, the White House admitted it had received a cyber assault. Typically, the attacks are not acknowledged as the White House receives thousands every day.
The official who acknowledged it did not provide details into the size or who committed the attack. However, a report by the Washington Free Beacon has surfaced placing the attack at the feet of the Chinese.
U.S. Defense Secretary Leon Panetta spoke to Chinese officials about U.S. frustrations with cyber attacks during his most recent trip across Asia.
The Beacon cites an unnamed official saying: “the cyber breach was one of Beijing’s most brazen cyber attacks against the United States and highlights a failure of the Obama administration to press China on its persistent cyber attacks.”
{ 61 comments… read them below or add one }
The chinese try to cyber attack/ hack the white house systems….just like all the other institutions that they hack every single day. Surprised, anyone?
Of course it was the Chinese…ITS ALWAYS THE CHINESE!
the "mainland" chinese, you have to be more specific, cuz taiwan and hongkong arent part of that mess.
At one time most Chinese HUMINT operations against the US were carried by Taiwanese citizens because they had closer tries and freer access to US Govt. and industry and were more trusted. With the Chinese, family ties are much more important and powerful on the individual than political ones. Lots of Taiwanese businessmen were caught trying to smuggle classified documents and equipment of all sorts out of the US in the late 1990s and early 2000s.
There's always the money angle, or currying favor with the PRC to get your business ahead.
the chinese anoy me so much with all the military hacking they do. like to the f22 raptor. its no suprise to me they tried to do it to the white house.
Note that the “Washington Free Beacon” appears to be a conservative leaning web site (it features a quote from Ronald Reagan on its “Contact Us” page) and, thus, may be not a completely unbiased source
Just sayin’.
Bill Gertz the author of the story is a well respected reporter with considerable insider knowledge.
"A conservative leaning website" wow so it must be BIASED in some way and therefore un-usable. As opposed to the leftist ABC, NBC, CBS, CNN, MSNBC, NYT, WaPo, etc…
Did you really just call the Washington Post 'leftist'?!
Are you at all familiar with the U.S. media landscape? or just talking out of your ass..
CNN too dude, not at all leftist, if anything, slightly right-leaning.
I am extremely familiar with the US media / political / cultural landscape.
You are a sheep.
We should give them a revenge cyber attack. There should be no tolerance for this sort of thing and to do nothing would show weakness.
We do. All the time.
Hahaha I guess we would and it wouldn't be publicized much now that I think about it.
But but it's only bad when they do it. When we do it, it's Patriotic!
American Exceptionalism.
Yes indeed
Should a nation that sends uavs' over other people airspace to kill people with out trial be throwing stones????
But what do you guys think about the chinese. shouldnt we do something about all these cyber attacks. this cant just keep going on. we need to do something
I agree, but what can we do? Obviously it isn't a BIG enough thing to go to war over. And economically are countries are deeply tied together…
Any ideas on what could/should be our response?
No more Sweet & Sour chicken MRE's…………
Place an embargo on them for maby a week or so would hurt us both but maby the Chinese will budge first. If not then we are royaly strewed and there will be no other choice but to go to war.
Considering the cyberwar effort we spend on Iran…
Folks, remember Stuxnet>? DuQu? Flame? Gauss? Wiper? No? Okay well they're US government created forms of digital intelligence gathering and attack platforms targeted predominantly in the middle east.
Let's not be naive and think the US takes the asian or russian cyber efforts lightly.
What about we just EMP their computers. Almost impossible but not impossible.
1 They hold our checkbook. 2. They make our stuff. From your cell phone to your Xmas lights.
well i think if we were to EMP them they would veiw that as an act of war. I think we should just hack them back. We have that ability but people should veiw this as a big problem becuase it is. its a big probleme and we the people and the government should do something about the chinese. this has to stop.
There has to be retaliation for this. This cannot be allowed to continue like this.
We retaliate all the time.
You know what? I'm gonna tell you right now, this is from the President! You bunch of no good hacking punks! And I know your attacks are coming from China because I backtraced it! I know who's been hacking me, and I'm reporting you to the cyber police! If you ever screw with my computer again, consequences will never be the same! You done goofed.
"From the Desk of Prez Barry H. Sotero-Obama: "
Wasnt there a DT article about some new super sophisticated US made virus that gained a crap ton of access to iran? Sounded like one hell of a virus, we should send it chinas way. Plenty of tech wizes on our soil.
Yes there was. The softyware was "Stuxnet" and unfortunately it went to computers outside the intended targets also. Now Kaspersky, Norton, and others have disected it and now it could just bite us in the rear end.
How to make a hack out of a phish the beacon style
How to make a hack out of a phish the beacon style
http://www.theverge.com/2012/10/1/3439104/white-h…
Got to remember; a lot of the Chinese attacks are the stem of homegrown patriotism (not dissimilar to some countries in the west), and are not government sanctioned. The governments just turn a blind eye it.
I don't know if I agree that all of it is not government sanctioned. I do agree that most of it is not; too much of it is amateur hour stuff. But there has been activity that's made me wonder if there's not some behind-the-scenes cooperation with individuals and groups who know how to employ compromises.
Then again, those events could also be mere ad hoc partnerships of convenience. But regardless, they still make me wonder if there's not some quiet government involvement. Even if only by a few individuals, and not as a strategically, centrally planned event.
I don't want to seem too paranoid, though. NathanS is essentially correct: A LOT of it is indeed a bunch of individuals acting on their own hook and just reacting to events in the news.
People, as a highly industrialized and technological society, we are extremely vulnerable…. as is a good deal of this world, while a good deal of this world is still backwards and therefore less vulnerable. One EMP from us could result in One EMP for us. EMP designs are not new. Remember the Neutron bomb? Kills people but leaves buildings fine? There are EMP bombs as well. Launch from a sub, a cargo ship, an airliner….. and what happens to America when all the electronics, or a great deal of them, die. We have entered a new MAD (mutually assured destruction) mode but without the blast and destruction of a bomb…. the destruction is of our society that is now addicted to the high tech electronics we live with can hardly live without. We play the games of tit for tat, little punishments, but all of us knowing that if it gets real serious, we are all in for a load of trouble for years to come.
Obama's Tv ad calls China ' cheaters' . Expect more hackings & if nothing changes expect war soon. We've dishonored China and all it stands for. We're hated in Asia. Hated in Middle East. Europe is embarrassed by us. Just pray NATO doesn't split apart and still backs us up. Don't think we can fix the damage that we caused & from what I see in politics, noone is even trying to.
Live it up while you can. Keep downsizing and resoring to cheap tech. China prepares. Russia too. Be in denial all you want but it's coming.
FYI, the AP article characterized this as a "spearphising" attack. If anyone's curious, a good page explaining this class of attack can be found here:
http://us.norton.com/spear-phishing-scam-not-spor…
To expound on this: What makes this attack worthy of mention is that whatever individual or group crafted it felt they knew enough about the targeted staffers to attempt to craft highly specific spam (very specifically targeted, hence the "spearphising" instead of "phising" moniker) with the intent of tricking the invididuals out of organizational information. Normal spam phishers don't tend to get that specific, but whoever or whatever group did this figured they had info allowing them to masquerade as someone within the White House, or doing business with it. (Cont'd…)
… cont'd:
Of course, they could also have been so deluded that they totally disguised themselves wrong. That sometimes happens: Someone gets too confident and sets off BS alarms from a mile away. If someone asks for a Colonel in the US Navy, you know they screwed up, but they may not know it. Anyway, it's not yet known if the "inside" information the spearphishers had was actually genuine and correct; again, it may not have been, it's possible they may have possessed bad information and fooled themselves into thinking it was usable. But, if their information WAS legit, that's cause for concern. If it was something that's not necessarily public, that's cause for actual worry. It all depends on the specifics of this particular attack.
Somebody really done and screwed up real good if they managed to find themselves a USN Colonel because there are about as many Colonels in the USN as there are live dodo birds in world.
Tthat hypothetical Colonel in the US Navy email was just a made up example of course (yes, I do know there's no Colonel rank in the Navy; an O-6 is a Captain). But I have seen badly wrong spearphishings before. Like a guy who's last name is Lee – and is totally European caucasian – be phished on the presumption he was Chinese. I've seen college staff and faculty be phished as though they were students and vice versa.
Spearphishing can be worrisome because it contains info you think HAS to come from within your organization. So you have to figure out if your org was genuinely penetrated or not. You have users to worry about, institutional data who's integrity you must now audit, and a possible data leak or a totally innocent, public site to locate that you totally forgot about or that someone else brought up without telling you. Once a malicious person on the internet gets the inside info, building spam is easy. But for the admin, those simple spams can end up causing hours of work and worry. And that's really the bad part about it: Even a completely unsuccessful spearphishing expedition still costs work hours.
But yeah, I'd hope that 99% of the population's BS detectors would go off if someone was looking for a Navy Colonel. I'd be tempted to screw around and refer them to Admiral so-and-so in the US Army. ;)
Of course the White House is gonna say they protected their systems. They are not foolish enough to admit whom ever initiated the attack succeeded in getting information. Only the sheeple would believe what the WH says.
Before rattling our own sabers, we need to develop a better understanding of Chinese policy. I am no expert, but I believe that China has expressly stated that it considers hacking from foreign sources as an act of war.
I do not know their ability or will is to carry out a belligerent retaliation to hacking, but suffice to say that whoever is in charge at the White House will have to put much thought into the issue, regardless of their political stripe. I am also pretty certain that there is a lot going on behind the scenes which we are not aware of.
I do know that engaging in a tit for tat exchange, more than likely leading to escalation, on this issue is more than likely going to go nowhere good for either country, so a more mature and measured response than a simple retaliatory hacking is called for. But what can it be? Sanctions? You'd have to be willing to kiss your iPhone goodbye, kids.
I don't see what the big deal is. What are much more worrisome are the attacks they DON'T tell us about.
Why am I deleted?
you made a cyber attack, according to the article. LOL
I had a first post deleted, I called the Chinese Chi-coms….you think that was why it was deleted?…..sheesh…
Does the US launch any of their own cyber attacks?…..are they successful at all?
The story just accepts the WH's story that they successfully repelled the attack? This WH said for a week our Ambassador to Benghazi was killed by some random mob incited by a obscure video. Was that true or false? We now know it was false and the WH knew it was false the momemt they spread that tale.
I wouldn't just accept the WH's story here gang. Liars rarely stop lying.
Bigger question is, do we really need to know? There are some questions that are best left unanswered for reasons of national security/OPSEC. However, in answer to your question, there is some suspicion that the Stuxnet attack(s) on Iran's nuclear facilities was a US operation or that we at least developed Stuxnet.
Just like the things going on at the Skunkworks, no…we do not need to know, I can't imagine what those sneaky son of guns got going on there…..makes me sleep better at night…
I can just picture our President hunched over his I-Pad fending off the attack
If spear-phishing attack mails constitute as cyber attacks, we are doomed.
And this is what your article does not write: " The reason, however, isn’t because networks are necessarily vulnerable — it’s the people who can put the White House’s security at stake by opening a single email attachment that can unleash a virus on the Obama administration’s system."
while you can read how idiots in the WH open all sorts of email here: http://rt.com/usa/news/house-phishing-computer-ob…
so yeah illiterate idiot got security compromised, news only in the WH.
The WH repelled a cyber attack probable by showing them an easier way in. Silly China, just buy more of our debt, you'll eventually get what you want.
If the Chinese come phishing, just hook a little ******** to their line.
We should completly shut down their computer networks and just say.. I don't know, wasn't us!
There is a lot of disconnect in this reporting. As expected the White House states there are thousands of spear phishing attacks against the White House daily. They state they did not acknowledge the attack. How can this be reported in the first place? Is the process so broken that what is described as background noise of daily attacks is singled out for some reason, and then classified as a brazen attack. How can you make a policy when you can't even decide how to deal with this brazen absolutely routine situation?