White House staffers were among those targeted by Chinese hackers that recently tried to break into hundreds of Gmail accounts, according to the Wall Street Journal. The hackers were hoping that senior administration employees would be using their private email accounts for official business.
Google previously indicated that the hackers were attempting to hijack accounts using “phishing” scams, where users are tricked into giving up their passwords. The attacks were also aimed at Chinese political activists, South Korean officials, and journalists, and aimed to monitor the accounts and change email forwarding settings.
The Obama administration said no official messages were compromised, but Secretary of State Hillary Rodham Clinton said Thursday that the allegations at hand were “very serious.” The FBI and Department of Homeland Security are working with Google to investigate the attempted breach, and U.S. officials indicated they would not talk directly to the Chinese government about the incident until more facts are collected.
The attack suggests White House employees are using private email exchanges to conduct official business, even if there are rules against it, according to Melanie Sloan, executive director of Citizens for Responsibility and Ethics in Washington, who was quoted in the Wall Street Journal story. “Presumably, the Chinese wouldn’t have done this if they weren’t getting something,” she told the Journal.
“If all White House officials were following rules prohibiting the use of personal email for official business, there would simply be no sensitive information to find,” said Rep. Darrell Issa, Republican chairman of the House Oversight and Government Reform Committee, told the Journal.
We reported yesterday that while China is in the spotlight here, the attacks may have came from more than just China. Mila Parkour, the Washington-based IT specialist who first spotted the attacks three months ago, said similar attacks appeared to come from New York and Korea. Google said it based its China findings on security intelligence gathered on its own, but it did not reveal how this was done.
As the case gets bigger and the U.S. government takes a larger role, we’d love to see Google release more information on why exactly it thinks China is the only country of origin in these wide-ranging attacks.