Gmail Hack Targeted White House
http://online.wsj.com/article/SB10001424052702304563104576361863723857124.ht ml * JUNE 3, 2011 Gmail Hack Targeted White House By <http://online.wsj.com/search/term.html?KEYWORDS=DEVLIN+BARRETT&bylinesearch =true> DEVLIN BARRETT and <http://online.wsj.com/search/term.html?KEYWORDS=SIOBHAN+GORMAN&bylinesearch =true> SIOBHAN GORMAN People who work at the White House were among those targeted by the China-based hackers who broke into Google <http://online.wsj.com/public/quotes/main.html?type=djn&symbol=GOOG> Inc.'s Gmail accounts, according to one U.S. official. The hackers likely were hoping the officials were conducting administration business on their private emails, according to lawmakers and security experts. People who work at the White House were among those targeted by the China-based hackers who broke into Google's Gmail accounts. Devlin Barrett explains on digits. The government has acknowledged senior administration officials were targeted in the "phishing'' attacks on hundreds of users of the email service. White House officials declined to discuss who was targeted. The Obama administration reiterated Thursday that no official messages were compromised. But lawmakers and outside computer-security experts said recent White House history suggests administration officials sometimes use personal email to talk business, despite rules against doing so. The Federal Bureau of Investigation and the Department of Homeland Security are working with Google to investigate. "These allegations are very serious," Secretary of State Hillary Rodham Clinton said Thursday. U.S. officials briefed on the incident said the Obama administration isn't going to raise the matter directly with the Chinese government until the facts become more clear. "Law enforcement needs to dig into this over the very short term so we have all the facts and procedures set out-then diplomacy," a U.S. official said. White House officials in both the current and previous administrations have been accused of using personal emails to conduct business. No matter which party is in power, critics have argued, officials use personal accounts as a way to avoid having those messages turned over to congressional investigators, released under the Freedom of Information Act or retained for historic archives. "If all White House officials were following rules prohibiting the use of personal email for official business, there would simply be no sensitive information to find," said Rep. Darrell Issa, Republican chairman of the House Oversight and Government Reform Committee, and a frequent thorn in the Obama administration's side. "Unfortunately, we know that not everyone at the White House follows those rules and that creates an unnecessary risk." Melanie Sloan, executive director of Citizens for Responsibility and Ethics in Washington, a watchdog group, said the hacking "suggests China believes government officials are using their personal accounts for official business, because I doubt they were looking for their weekend plans or a babysitter's schedule. Presumably, the Chinese wouldn't have done this if they weren't getting something.'' The Chinese government has denied any involvement in hacking of U.S. officials' emails. Google disclosed the hacking attempts on Wednesday, saying senior U.S. officials, Chinese activists and others were targeted in an attack that tricked users into sharing their Gmail passwords with "bad actors'' based in China, apparently with the goal of reading the victims' email. Stewart Baker, a former homeland security official in the Bush administration, said he suspects the ultimate goal of the hacking may have been to use the email accounts as a stepping stone to penetrate the officials' home computers. "If you can compromise that machine, you may well be able to access the communications they are having with the office,'' said Mr. Baker. Marcus Asner, a former cybersecurity prosecutor in New York now at the firm of Arnold & Porter, said it is increasingly difficult for investigators to trace international hacking attacks to specific perpetrators. "It used to be we'd send the FBI agents to find the 16-year-old boy in a basement responsible, but now you have national-security and State Department issues,'' he said. "Now, you're pitting countries against corporations.'' U.S. officials have increasingly had their work and personal email accounts targeted by these types of booby-trapped email schemes in the past year or so, officials said. Government computer-security experts have tried to educate senior officials who would most likely be targeted by these attacks. For example, they've warned officials to be suspicious of emails that appear to be work-related but are sent to their personal email accounts. Employees are also told not to conduct official business on their personal email accounts. The federal government fended off another targeted phishing attack in April, according to the Department of Homeland Security. One of these attacks "seriously impacted" a U.S. government facility. "Several employees at the facility were lured into clicking a link in the bogus e-mail that contained malware, which spread rapidly and extensively across the business IT network," according to a department report. These phishing attacks have evolved significantly over the years, said James Mulvenon, a cybersecurity specialist who focuses on China. Initially they were tucked into emails fashioned in poor English, he said. But as attackers have gotten more sophisticated, it has become harder to identify these trick emails. Now, such attacks target individuals with emails in perfect English on topics they are known to have worked on or mentioning meetings attended. One such scheme targeted attendees of a Defense Department-sponsored conference in 2008 with an email that purported to be from one of the presenters. The message contained malware that provided unfettered access to the victims' computers, said a person familiar with the incident. Soon after, the attendees, mostly defense contractors, received emails that purported to be from one of the presenters at the conference. The notes included an attachment identified as his presentation materials, according to a person familiar with the incident. A majority of the conference attendees opened the attachment, which downloaded malware that provided "unfettered access" to their computer, this person said. "There was widespread success by the bad guys." A subsequent investigation tracked the perpetrator back to a Chinese hacking group. "They're still doing the exact same thing" today, the person familiar with the incident said of the hacking group. Read more: <http://online.wsj.com/article/SB10001424052702304563104576361863723857124.h tml#ixzz1OFyGrsYN> http://online.wsj.com/article/SB10001424052702304563104576361863723857124.ht ml#ixzz1OFyGrsYN [Non-text portions of this message have been removed] ------------------------------------ -------------------------- Want to discuss this topic? Head on over to our discussion list, discuss-os...@yahoogroups.com. -------------------------- Brooks Isoldi, editor biso...@intellnet.org http://www.intellnet.org Post message: osint@yahoogroups.com Subscribe: osint-subscr...@yahoogroups.com Unsubscribe: osint-unsubscr...@yahoogroups.com *** FAIR USE NOTICE. This message contains copyrighted material whose use has not been specifically authorized by the copyright owner. OSINT, as a part of The Intelligence Network, is making it available without profit to OSINT YahooGroups members who have expressed a prior interest in receiving the included information in their efforts to advance the understanding of intelligence and law enforcement organizations, their activities, methods, techniques, human rights, civil liberties, social justice and other intelligence related issues, for non-profit research and educational purposes only. We believe that this constitutes a 'fair use' of the copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use this copyrighted material for purposes of your own that go beyond 'fair use,' you must obtain permission from the copyright owner. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtmlYahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/osint/ <*> Your email settings: Individual Email | Traditional <*> To change settings online go to: http://groups.yahoo.com/group/osint/join (Yahoo! ID required) <*> To change settings via email: osint-dig...@yahoogroups.com osint-fullfeatu...@yahoogroups.com <*> To unsubscribe from this group, send an email to: osint-unsubscr...@yahoogroups.com <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
