Reports from the White House have confirmed that Russian hackers who breached the State Department in a damaging attack last month abused their intrusion to penetrate sensitive computer systems belonging to the White House, stealing non-classified data.
While the recent White House breach has officials claiming it only affected non-classified data on computer systems, the briefing silences the severity of the intrusion. Hackers who broke into highly protected systems had access to a swath of sensitive information, including non-public details of the president’s schedule. Though the information is not classified and may not appear to be highly sensitive, such information is highly prized among foreign intelligence agencies.
The White House stated back in October that the department had noticed suspicious activity among its unclassified computer networks, that at the time, served the executive office of the president. Shortly after, the branch had been temporarily shut down for security upgrades.
The Federal Bureau of Investigation (FBI), Secret Service and United States intelligence agencies are working in a joint investigation to identify the scope of the White House breach. The trio of investigative branches state the White House breach may be among one of the most sophisticated attacks ever launched against a United States government computer system.
Federal officials close to the breach told CNN the intrusion was routed through several computer systems around the world, to aid hackers muddying their tracks online. Though the attack was covert, officials involved in the investigation say there are sure signs and other identifiable marks that point the White House breach to Russian intelligence.
National Security Council spokesperson, Mark Stroh, didn’t confirm the Russian-based breach, but did note that “any such activity is something we take very seriously.”
To aid the wound, President Obama’s deputy nation security adviser, Ben Rhodes, did say the White House uses a number of servers to withhold information and the database containing classified information related the the United States government and nation security remained untouched from hackers. The White House security team does not believe any classified information was stolen in the attack.
“We’re constantly updating our security measures on our unclassified system, but we’re frankly told to act as if we need not put information that’s sensitive on that system,” Rhodes said speaking with reporters. “In other words, if you’re going to do something classified, you have to do it on one email system, one phone system. Frankly, you have to act as if information could be compromised if it’s not on the classified system.”
Russian hackers gained initial access to the White House network through a State Department hack that occurred last month.
The White House initially identified suspicious activity within its networks back in October 2014. To gain access, Russian Hackers first breached the State Department through a series of carefully coordinated cyberattacks. Included was a typical set of state-sponsored attack methods, including spear phishing, malware-laden files and maliciously laced emails. Attackers targeted State Department employees, and when the files and emails were opened, the malware was automatically executed on the victims machines. The hackers had managed to keep access to the machines and networks controlling the State Department, and may as well still have access.
One official said Russian hackers have been on the networks for months and may very well still be on the network.
Political official, Senator Susan Collins speaking with CNN said the hack is troubling and shows that congress needs to pass legislation that encourages government and private networks to enhance and lock down their digital defenses against such attacks.
Though the State Department and White House breach are severe, the latest attacks come amid Secretary of State Hillary Clinton’s email controversy. Clinton is alleged to have used her personal email rather than her government supplied email for official business communications. Professionals say Clinton’s “private server” was likely not as private or secure as she believed. The Russian attackers were believed to have come after Clinton departed State.