White House e-mail system accused in UK cyberattack

British officials today disclosed cyber incident involving alleged White House e-mails

The White House's unclassified e-mail system is back up after an eight-hour outage, but the e-mail security problems may go deeper. It was disclosed today that some officials alleged White House e-mails were the source of a cyberattack against British officials two months ago.

Officials from the United Kingdom said today that alleged White House e-mail accounts were the source of a malware attack against U.K. government officials in late December, according to news reports.

It was not immediately clear whether the attack came from official White House e-mail accounts that had been hacked or from hoaxed accounts that resembled White House accounts.


Related stories:

White House e-mail service fails

White House just getting started on cybersecurity


British Foreign Secretary William Hague said the malware attempt apparently originated in a White House e-mail account and was directed at U.K diplomats. He presented details today at a global meeting in Munich.

"In late December, a spoofed e-mail purporting to be from the White House was sent to a large number of international recipients who were directed to click on a link that then downloaded a variant of Zeus" virus, Hague said, according to a report in Silicon.com today. Government security experts were able to clear the infection, he said.

The perpetrator posed as a top White House aide and e-mailed messages to government staff members in Britain inviting them to click on a link that would have triggered the computer bug, The Telegraph reported in an article today.

The application was designed to steal personal data from a large number of U.K. civil servants, the Telegraph said.

If the White House e-mail accounts were hacked, it was not known whether the hacking was related to the e-mail system failure that took place Feb. 3.

The White House’s unclassified e-mail system used by the West Wing and executive Office Building went down. Dan Pfeiffer, a White House spokesman, tweeted news of the disruption to reporters around noon and said Verizon was working on restoring the service.

The e-mail system was operating again by mid-afternoon, CNN reported today in an article.



About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Cyber. Covered.

Government Cyber Insider tracks the technologies, policies, threats and emerging solutions that shape the cybersecurity landscape.

Featured

Reader comments

Wed, Feb 9, 2011

The security community widely reported the Zeus related "Merry Christmas" emails from December that were spoofed as if from the White House. Kerbs on Security is a good place to read about it. This is the only article that seems to have been fooled into thinking that the emails actually came from the White House. You should do a bit of research before saying something like this that is so off base.

Mon, Feb 7, 2011 Zorro

Golly, the quote from British Foreign Secretary William Hague is clear enough. He refers to "a spoofed e-mail purporting to be from the White House..." Anyone can spoof an email sender and it has nothing to do with the purported sender's email system having been hacked. The incident sounds like a case of "spearphishing" of the type widely reported around the time, December 2010.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group