Following the recent major State Department hack, it is now believed that the same group of (presumably Russian) hackers is behind an attack on the White House.
U.S. officials who were briefed on the matter have confirmed that the systems were breached and that the hackers used their previously acquired access to the State Dept. systems to reenter the White House network. Although no classified information was accessed, the hackers did gain access to highly sensitive information, such as real-time non-public details of the President’s schedule.
The networks of the White House were first breached back in October 2014. When the threat was detected, the network was immediately shut down and the security was periodically upgraded to prevent future breaches. According to a CNN report, “the intrusion was routed through computers around the world, as hackers often do to hide their tracks, but investigators found tell-tale codes and other markers that they believe point to hackers working for the Russian government.” These suspicions were not yet officially confirmed, however. It’s worth keeping in mind that sometimes premature conclusions are made, as was the case with Sony.
The White House uses two separate networks, one for classified information, while the other network – the one breached – is for everything else. According to Ben Rhodes, President Barack Obama’s deputy national security adviser, they are aware that this network can be breached. “We’re constantly updating our security measures on our unclassified system, but we’re frankly told to act as if we need not put information that’s sensitive on that system,” he said. “In other words, if you’re going to do something classified, you have to do it on one email system, one phone system. Frankly, you have to act as if information could be compromised if it’s not on the classified system.”
According to one official, the hackers have been inside the White House systems ever since their initial entry, never really being eradicated.
Director of National Intelligence James Clapper says that the Russian cyber threat is even more severe than previously thought. Proper training must be in place to educate government employees about the various techniques hackers use to gain access to systems. Often, a simple phishing attack is enough to gain hackers an entry.