The White House would not say if the attack originated in China, describing it as a "spear-phishing" attempt.
"Spear-phishing" typically works by sending fake e-mails that look like legitimate correspondence, but which link to a malicious website or file attachment.
The most common threat was a technique known as spear-phishing, which can corrupt a company's computer system by uploading malicious attachments and gaining access to sensitive information.
Recent attacks that have hit Apple, Facebook and other high-profile companies often bear similar hallmarks of infiltrating a system via employee computers, and with a straightforward spear-phishing campaign.
The rise of social networks, for example, has aided an increasingly common kind of attack known as spear-phishing, says Greg Bell, global service leader for KPMG's information protection practice.
Much of the campaign involved sending spear-phishing emails, where an unsuspecting target would click on a link, activating a program that would then runs quietly in the background of their computer network.
FORBES: China Thought To Be Behind Global Cyber-Espionage Campaign That Hit UN, Olympic Committee
Many highly publicized attacks have been based on a tactic called "spear-phishing, " where email users are tricked into opening a legitimate-sounding message that contains code called malware that lets attackers penetrate corporate networks.
They have not been able to establish how exactly the hackers broke into the system, but believe it may have been through a so-called spear-phishing attack, where an employee clicked on an email or link containing malicious code.
The new breed of spear-phishing emails appear to be sent by a close friend or family member, address the victim by name in the subject line or body of the message, and include a link to a website controlled by spammers.
FORBES: Facebook Says 'Misconfiguration' Allowed Spammers To Impersonate Users
The NYT suspects a so-called "spear phishing" attack that sent targeted, booby-trapped messages to a few key individuals.
BBC: How the New York Times cleaned house after its hack attack
Around the same time, military contractors Boeing, Northrop Grumman, Raytheon and Lockheed Martin were also hacked from computers in China, according to industry sources. (For more, see "Cyberspies Target Silent Victims".) Alan Paller of the SANS Institute says that many of those breaches may have involved a technique known as "spear phishing"--impersonating a high level official's e-mail to lure employees into revealing their security codes.
应用推荐