Alleged White House e-mail cyber incident now called attack from China

UK officials say e-mails were fake versions of White House messages

Officials in the United Kingdom now suggest that a cyberattack from purported White House e-mail accounts actually originated from China, and the perpetrator used a hoax e-mail address that resembled a White House account. Nevertheless, the U.K. officials are also calling for more cooperation among governments to jointly agree on policies for state-based covert cyber activity.

The initial reports on Feb. 4 from British Foreign Secretary William Hague indicated that e-mail messages alleged to be from the White House were sent to several British officials in late December. The e-mails contained links that, if opened, would download a virus onto the user’s computer.

It was first unclear if the attack came from authentic White House e-mail accounts that had been hacked and infected with a virus or from fake e-mail accounts made to resemble White House e-mail messages. In recent days, the latter scenario appears the more likely.

According to several news accounts, Hague referred to “spoof” White House e-mail accounts, suggesting that the messages were not authentic.

Meanwhile, the Guardian reported that the cyberattack is now believed to have originated in China.

Although the foreign secretary did not name the country behind the attacks, intelligence sources familiar with the incidents made it clear the originating country was China, the Guardian said in an article Feb. 4.

"In late December a spoof e-mail purporting to be from the White House was sent to a large number of international recipients who were directed to click on a link that then downloaded a variant of Zeus," Hague said, according to the article. "The U.K. government was targeted in this attack and a large number of e-mails bypassed some of our filters. Our experts were able to clear up the infection, but more sophisticated attacks such as these are becoming more common."

On Feb. 6, in a subsequent article in the Guardian, Hague indicated that more international agreement is needed for state-based covert cyber activity. The article suggested that the United States may be involved in such activity.


About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Featured

  • People
    Dr. Ronny Jackson briefs the press on President Trump

    Uncertainty at VA after nominee withdraws

    With White House physician Adm. Ronny Jackson's withdrawal, VA watchers are wondering what's next for the agency and its planned $16 billion health IT modernization project.

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.