WASHINGTON -- Chinese hackers gained extensive access to unclassified White House emails when they broke into White House computer systems on multiple occasions last year, according to current and former government officials familiar with the matter.
The break-ins were discovered last year, said several private-sector experts familiar with the breach. They said they learned about it in the summer of 2007. A June 2007 cyber break-in at the Pentagon was also attributed to the Chinese military, but it's not clear whether these incidents were linked.
"Emails that were going to the highest levels of the White House were ending up with the central authorities in China," said O. Sami Saydjari, president of the Cyber Defense Agency, a consulting firm.
The White House break-in, reported by the Financial Times, is a rare example of a publicly disclosed computer-security breach at the White House. Cybersecurity specialists cautioned, however, that such events happen frequently.
"The more that you see, the more numb you become to it," said one U.S. official familiar with the White House breach, who added that the mounting volume of attacks are of great concern.
"This is the kind of development that has been driving the government cyber initiative," said Scott Borg, director of the U.S. Cyber Consequences Unit, a think tank that advises governments and companies. In January, President Bush rolled out the first phase of a major cybersecurity program, which aims to reinforce the government's defenses. A second phase is planned to address private-sector vulnerabilities.
White House spokesman Tony Fratto declined to comment on the breach.
Over the summer, foreign hackers broke into the computer systems of the Obama and McCain presidential campaigns and stole large volumes of campaign information, according to current and former government officials.
Mr. Saydjari, who worked on cybersecurity for more than a decade at the National Security Agency, said the reported breach was worrisome because it showed that cyberattacks could be used to alter a presidential election. For example, hackers could theoretically manipulate information on a campaign Web site to incite a scandal. Newsweek reported the breach earlier this week.
Cybersecurity experts say attacks are frequent enough that people, including government officials, should assume email sent over regular Internet systems is probably being read by someone. The White House and other government bodies also have secure email systems that weren't breached by last year's Chinese attack, but those systems are more cumbersome for users.
A recent report from the computer-security firm Symantec Corp. found a 468% rise in types of attacks using nefarious software code in 2007 compared with the previous year. Symantec's detectors found 5.2 million cyberattacks in the last 90 days.