The Russian government has allegedly hacked into the White House’s computer systems, according to a report on CNN, which claims the hackers first penetrated the State Department’s email system last October and were “likely working for the Russian government”.
Using their foothold in the State Department’s computer network, the hackers then apparently managed to hack into the White House computer system, namely the unclassified Executive Office of the President network.
Whilst the attackers apparently did not hack into any classified systems at the White House, they were able to obtain sensitive information about President Obama, including his private schedule.
Investigators were apparently been able to find signs that point to the Russian government being behind the attack, despite doubts from security experts about the ability to attribute the attack to a particular country.
“Once an attacker gets into your systems it can be notoriously difficult to get them out, particularly when your network and internal security controls allow the attacker to move around on your network without being noticed,” said Dwayne Melancon, CTO Tripwire.
“There are a few significant challenges in breaches like this,” Melancon added. “First, attribution is difficult. A savvy attacker can not only cover their tracks, they can often mislead you into believing someone else is behind the attacks. I hope the White House has strong evidence to claim Russian responsibility.”
This point was echoed by Tripwire’s senior security analyst, Ken Westin.
“The intrusion into the unclassified State Department network was assumed to be Russian by many in the government and security community,” said Westin. “As portions of the network were shut down for long periods of time for extensive security upgrades many speculated that the extent of the intrusion may have been more severe than originally thought.”
“The new insights into the investigation with the US government implicating Russia would imply that there is strong evidence that the Russian government was involved,” said Westin. “However, given the sensitive and confidential nature of US intelligence agencies methods only a few will have access to the actual evidence which may raise suspicions as to the accuracy and veracity of the accusation.”
Westin pointed to the coincidence that this “naming and shaming” of Russia coming hot on the heels of President Obama declaring a national emergency and issuing an executive order regarding cyberthreats.
Earlier this month, Obama launched a punishment scheme usually reserved for terrorist organisations and rogue states. He created a US sanctions program, which for the first time ever, will use sanctions to financially punish individuals and groups outside the United States who are involved with malicious cyber attacks.
The US has previously “named and shamed” a number of countries for allegedly carrying out cyber attacks. Last May for example, the US took the unprecedented step of filing criminal indictments against members of Unit 61398 of the Chinese People’s Liberation Army (PLA).
The United States has also publicly blamed the devastating hack on Sony Pictures on hackers working for the North Korean government, despite expert doubts at the finger pointing.
Are you a security pro? Try our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…