We reported in February that Russian hackers breached the State Department computer system for months. Now top U.S. officials briefed on the matter told CNN that the same hackers had intruded into the sensitive parts of the White House computer system. Though the National Security Council spokesman Mark Stroh did not confirm the Russian hand behind the attack, sources told CNN that Russia was behind the cyberattack.
Only unclassified system was affected?
The White House said Tuesday that the attack only affected an unclassified system. But the intrusion was far more serious. Hackers had gained access to a lot of sensitive information, including the real-time schedule of President Barack Obama. Even the breach of an unclassified system poses serious security risks. That’s because government officials routinely share sensitive information via non-classified emails, which may be of value to Russian intelligence agencies.
The U.S. officials have confirmed to NBC News that Russia conducted the cyberattack on the White House. In October last year, the White House noticed some “suspicious activity” on the unclassified system that serves the executive office of the President. Since November, the network has been shut down periodically to enhance security and block the intruders.
The U.S. Secret Service, FBI and other intelligence agencies are investigating the attack. The federal law enforcement officials said it was the “worst ever” attack against the U.S. government systems. One official told CNN that the Russian attackers “owned’ the State Department system for months. It is still unclear whether the U.S. agencies have fully eradicated hackers from the system.
First State Department then White House
Investigators believe that the attackers first breached the State Department system to break into the White House. Investigators said the hackers launched a phishing email using a State Department email account to get access to the White House system. James Clapper, the director of National Intelligence, said in January that sometimes foreign hackers gain access to the U.S. systems simply by pretending to be someone else and then asking for access.
President Barack Obama’s deputy national security adviser Ben Rhodes said the White House uses a separate system for classified information. So, the national-security related information was protected from getting into the hands of Russia through its hackers. The cyberattack was routed through computers all over the world to hide the attackers’ tracks.
Codes and markers point to hackers working for Russia
But investigators have found some codes and other markers that suggest that the hackers were working for Russia. Last year, a Russian hacker was caught in the Maldives by the U.S. Secret Service agents. The revelations about the White House and State Department hacks come even before the controversy over Hillary Clinton’s use of a private email server for government work during her tenure as the Secretary of State has abated .
Experts say Hillary Clinton’s private email server was less secure than the State Department system. Russia reportedly attacked the State Department and White House systems after Hillary left the State Department. Anyway, the attack is significant because it comes before the 2016 presidential election.
In 2013, a hacker called Guccifer had intruded into the email of Sidney Blumenthal, a close friend and adviser to Hillary Clinton. The hacker published emails Blumenthal had sent to Hillary Clinton’s private email account. They included some sensitive information on foreign policy issues.
Russia and the U.S. are increasingly confronting each other
The recent Russian hacks show that the State’s computer system has some serious security issues. The attack came after the U.S. imposed sanctions on Russia over its aggression in Ukraine. Russia and the U.S. have been increasingly confronting each other over security issues. In the wake of Russian cyberattacks, the U.S. intelligence agencies have increased their warnings about Moscow’s hacking activity in the United States. It prompted the U.S. agencies to reassess the cybersecurity threat.
Last week, President Obama signed an executive order that authorizes a sanctions program against cyberattackers that pose a serious threat to the U.S. interests. Obama said that the primary focus was on cyber threats from other countries. In most cases, law enforcement and diplomatic tools will be an effective response. But targeted sanctions give the U.S. agencies a “powerful way to go after the worst of the worst.” The executive order encourages information sharing about cyber threats between federal agencies and private companies.