An Obama administration national security official said: “This was a spear phishing attack against an unclassified network.”
Spear phishing is a cyber attack that uses disguised emails that seek to convince recipients of a specific organization to provide confidential information. Spear phishing in the past has been linked to China and other states with sophisticated cyber warfare capabilities.
The official described the type of attack as “not infrequent” and said there were unspecified “mitigation measures in place.”
“In this instance the attack was identified, the system was isolated, and there is no indication whatsoever that any exfiltration of data took place,” the official said.
The official said there was no impact or attempted breach of a classified system within the office.
“This is the most sensitive office in the U.S. government,” said a former senior U.S. intelligence official familiar with the work of the office. “A compromise there would cause grave strategic damage to the United States.”
Security officials are investigating the breach and have not yet determined the damage that may have been caused by the hacking incident, the officials said.
Despite the administration national security official’s assertion, one defense official said there is fairly solid intelligence linking the penetration of the WHMO network to China, and there are concerns that the attackers were able to breach the classified network.
Details of the cyber attack and the potential damage it may have caused remain closely held within the U.S. government.
However, because the military office handles strategic nuclear and presidential communications, officials said the attack was likely the work of Chinese military cyber warfare specialists under the direction of a unit called the 4th Department of General Staff of the People’s Liberation Army, or 4PLA.