December 6, 2012; Pg. 3
Hackers Hit Ex-Military Head
FBI Pursues Foreign Attack on Computers of Former Joint Chiefs Chairman Mullen
By Devlin Barrett, Julian E. Barnes and Evan Perez
Federal Bureau of Investigation is pursuing foreign hackers who targeted the computers of retired Adm. Mike Mullen, the former chairman of the Joint Chiefs of Staff, in the latest example of what current and former officials call a pattern of attacks on computers of former high-ranking U.S. officials.
The hackers targeted Mr. Mullen’s personal computers, which he used while working on the grounds of the U.S. Naval Academy since his retirement in 2011, according to officials and others familiar with the probe. Those people said FBI agents took away two computers in late October and returned them in mid-November.
One official said that evidence gathered by the FBI points to China as the origin of the hacking, and that it appeared the perpetrators were able to access a personal email account of Mr. Mullen. The official declined to be more specific.
Geng Shuang, the spokesman for the Chinese Embassy in Washington, said he wasn’t aware of the investigation into the hacking of Mr. Mullen’s computers, and that his government prohibits cyberattacks. “China is a major victim of hacker attacks,” he said. “The Chinese government would like to work with other countries, including the U.S., to explore effective ways to combat cyberattacks.”
In response to questions from The Wall Street Journal, Mr. Mullen’s office issued a statement saying: “Adm. Mullen, now a private citizen, has responded to very specific requests and is cooperating with an ongoing cyber investigation he has been informed is focused overseas.”
The case underscores one potential vulnerability as foreign-based hackers search for weaknesses in U.S. intelligence and security systems. Current and former U.S. cybersecurity officials said the Mullen case is the most recent example of a series of undisclosed hacker attacks on the
computer files of former senior U.S. officials. Hackers view former officials’ computers as an easier way to get access to sensitive
information, said these people, who declined to name the targeted former officials.
Last month, Mr. Mullen was one of five people named to a State Department board to review the events surrounding the Sept. 11 attack on the U.S. consulate in Benghazi, Libya. Mr. Mullen also serves on advisory boards at the State Department and Central Intelligence Agency.
Mr. Mullen has had access to classified information while working on the Benghazi investigation, but his own computers weren’t in such a heavily protected network, officials said.
Aides to Mr. Mullen said he didn’t keep or view classified material on his own personal computers.
Even if no classified information was at risk, such intrusions could gather useful intelligence for adversaries seeking to learn whom Mr. Mullen > has been consulting with or advising, and what they are thinking, said Tom Kellermann, a cybersecurity expert at TrendMicro Inc.
He said targeting a retired official could let hackers use that person’s computer as a surveillance device to snoop on any current officials > who come into close proximity with the computer.
“Hacking a former official is a great gateway to the current leadership, because the current leadership will implicitly trust former officials,” said Mr. Kellermann, who cited the danger of cybersnooping programs that can be hidden in email attachments.
Targeting former officials is not the only way hackers have sought to glean sensitive information without taking direct aim at guarded government networks.
In the past, hackers in China have targeted the personal email accounts of current U.S. government officials, in the hopes that the targeted individuals would disclose valuable information in those less-secure messages, according to U.S. officials.
The FBI investigation of Mr. Mullen’s computers isn’t related to the continuing probe that embroiled another former high-level U.S. military official, former Central Intelligence Agency Director David Petraeus, according to multiple officials.
Mr. Mullen became the chairman of the Joint Chiefs in 2007 and retired from the military four years later.
Since then, he has had an office at the Naval Institute, a private think tank that has its headquarters on the grounds of the Naval Academy in Annapolis, Md. The computers in question were his own, and did not belong to either the institute or the academy, officials said.