CybersecurityRussian hackers used compromised State Dep. computers to penetrated W.H. systems
U.S. officials said that Russian hackers who penetrated the computer systems of the U.S. State Department in recent months were able to use the access they gained to penetrate parts of the White House computer system. Experts from government agencies looking into the incident say the breach is one of the most sophisticated attacks to have been directed at U.S. government systems. The hackers used computers around the world to mask their penetration, but investigators were able to identify codes and other markers which point to hackers working for the Russian government.
U.S. officials said that Russian hackers who penetrated the computer systems of the U.S. State Department in recent months were able to use the access they gained to penetrate parts of the White House computer system.
The White House has insisted that the breach affected only the White House’s unclassified computer system, but experts say that the breach was serious nonetheless. For example, the president real-time daily schedule is posted on the unclassified system, which is not public.
CNN reports that back in October the White House said it had noticed suspicious activity in the unclassified network – and that the system has been shut down from time to time for security upgrades.
Experts from government agencies looking into the incident, among them the FBI, Secret Service, and U.S. intelligence agencies, say the breach is one of the most sophisticated attacks to have been directed at U.S. government systems. The hackers used computers around the world to mask their penetration, but investigators were able to identify codes and other markers which point to hackers working for the Russian government.
Security experts familiar with the case say that in order to get to the White House, the hackers first breached the State Department’s systems.
CNN notes that despite on-going efforts to make the State Department computer systems more secure, Russian hackers have been able to enter – and reenter – these systems. One official told CNN that the Russian hackers have “owned” the State Department system for months and it is not clear the hackers have been fully eradicated from the system.
Security experts believe the White House intrusion began with a phishing e-mail which appeared safe because it used a State Department e-mail account, which the intruders had taken over once they were inside the State Department systems.
Director of National Intelligence James Clapper, in a speech at an FBI cyberconference in January, urged government officials and private businesses to educate employees about what “spear phishing.”
“So many times, the Chinese and others get access to our systems just by pretending to be someone else and then asking for access, and someone gives it to them,” Clapper said.
The scope, sophistication, and persistence of recent Russian intrusions took U.S. officials by surprise, and have led the U.S. intelligence community to reassess the cybersecurity threat Russia poses.
In February Clapper told a Senate hearing in February that the “Russian cyberthreat is more severe than we have previously assessed.”