The computer phishing scam that Google says originated in China was directed at an unknown number of White House staff officials and set off the FBI inquiry that began this week, according to several administration officials. It is unclear how many White House staff members - or those of other departments in the executive branch - might have been targeted, according to two officials with knowledge of the investigation. But the intended victims ranged across different functions in the White House, and were not limited to those working on national security, economic policy or trade areas that would be of particular interest to the Chinese government. Administration officials said they had no evidence any confidential information was breached, or even that many people fell for the attack by providing information that would allow a breach of their Gmail accounts. White House classified systems run on dedicated lines and information on those systems, the officials said, cannot be forwarded to Gmail accounts. But investigators are trying to determine if the attackers believed that some staff members or other officials used their personal email accounts for sensitive government communications.
"Right now," said one senior official, "that's a theory, not a fact."
Google disclosed the attack this week and said it targeted not only U.S. government officials, but also human right activists, journalists and South Korea's government. Google tracked the attack to Jinin, China, which is the home to a Chinese military school.
But that does not necessarily mean the attackers were Chinese or related to the government. The Chinese government denied any involvement.
The attack used emails that appeared to be tailored to their targets to better fool their victims, a technique known as spear phishing. Recipients were asked to click on a link to a phony Gmail login page that gave the hackers access to their personal accounts.
The attacks come as the U.S. government considers expanding its use of Web-based software for email, along with word processing, spreadsheets and other kinds of documents. Google is one of the many companies vying for the business with its Apps product, as is Microsoft . Web based email would be vulnerable to hackers who steal login information through phishing attacks. But Web-based systems are not necessarily any easier to hack than traditional email, which a government agency would usually manage using its own servers, said Larry Ponemon, chairman of the Ponemon Institute, a computer security company in Traverse City, Mich.
Jay Carney, the White House press secretary, said Thursday that all White House-related electronic mail was supposed to be conducted on work email accounts to comply with the Presidential Records Act, which governs how those communications are protected and archived. Carney said there was no evidence that any White House accounts were compromised.
White House employees are permitted to have private email accounts, he said, but cannot use them for work purposes. Officials at the White House and other agencies often keep two computers in their offices, one for unclassified work and another for classified. Very senior officials sometimes have a "secure facility" in their homes, in which computers and telephones are on dedicated lines and communications are encrypted.
Given its size, Google and its Gmail system will always make an attractive target.
Other personal email services, including Yahoo and Microsoft's Hotmail, have faced similar attacks, according to Trend Micro , a computer security company in Cupertino, Calif. "The types of attacks that are happening against Web mail users aren't confined to Gmail alone and extend to other email platforms," said Nart Villeneuve, a senior threat researcher for Trend Micro.
Google disclosed the attack this week and said it targeted not only U.S. government officials, but also human right activists, journalists and South Korea's government. Google tracked the attack to Jinin, China, which is the home to a Chinese military school.
But that does not necessarily mean the attackers were Chinese or related to the government. The Chinese government denied any involvement.
The attack used emails that appeared to be tailored to their targets to better fool their victims, a technique known as spear phishing. Recipients were asked to click on a link to a phony Gmail login page that gave the hackers access to their personal accounts.
The attacks come as the U.S. government considers expanding its use of Web-based software for email, along with word processing, spreadsheets and other kinds of documents. Google is one of the many companies vying for the business with its Apps product, as is Microsoft . Web based email would be vulnerable to hackers who steal login information through phishing attacks. But Web-based systems are not necessarily any easier to hack than traditional email, which a government agency would usually manage using its own servers, said Larry Ponemon, chairman of the Ponemon Institute, a computer security company in Traverse City, Mich.
Jay Carney, the White House press secretary, said Thursday that all White House-related electronic mail was supposed to be conducted on work email accounts to comply with the Presidential Records Act, which governs how those communications are protected and archived. Carney said there was no evidence that any White House accounts were compromised.
White House employees are permitted to have private email accounts, he said, but cannot use them for work purposes. Officials at the White House and other agencies often keep two computers in their offices, one for unclassified work and another for classified. Very senior officials sometimes have a "secure facility" in their homes, in which computers and telephones are on dedicated lines and communications are encrypted.
Given its size, Google and its Gmail system will always make an attractive target.
Other personal email services, including Yahoo and Microsoft's Hotmail, have faced similar attacks, according to Trend Micro , a computer security company in Cupertino, Calif. "The types of attacks that are happening against Web mail users aren't confined to Gmail alone and extend to other email platforms," said Nart Villeneuve, a senior threat researcher for Trend Micro.
LINK TO OUR HOME PAGE :
Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info.
Thank You !
-Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You!
-Team VOGH
Categories:
security-news