CNN is reporting late Tuesday the stunning admission by the Obama White House that its system was penetrated by the same Russian hackers who got into the State Department. Given the strength of the White House’s security system, Hillary Clinton’s homebrew server would have been child’s play for this crew to raid.
CNN is remarkably swift to dismiss White House spin about the severity of the intrusion:
While the White House has said the breach only ever affected an unclassified system, that description belies the seriousness of the intrusion. The hackers had access to sensitive information such as real-time non-public details of the president’s schedule. While such information is not classified, it is still highly sensitive and prized by foreign intelligence agencies, U.S. officials say.
The White House in October said it noticed suspicious activity in the unclassified network that serves the executive office of the president. The system has been shut down periodically to allow for security upgrades.
The FBI, Secret Service and U.S. intelligence agencies are all involved in investigating the breach, which they consider among the most sophisticated attacks ever launched against U.S. government systems. The intrusion was routed through computers around the world, as hackers often do to hide their tracks, but investigators found tell-tale codes and other markers that they believe point to hackers working for the Russian government. A spokesman for the National Security Council declined to comment. Neither the U.S. State Department or the Russian immediately embassy responded to a request for comment.
CNN also reports the Russian hackers are back inside the State Department network: “One official says the Russian hackers have ‘owned’ the State Department system for months and it is not clear the hackers have been fully eradicated from the system.”
The White House hack appears to have been carried out with a “spear phishing” assault launched from a compromised State Department account. In essence, an email with a viral payload was sent to someone at the White House by a hacker pretending to be a State Department employee.
The First Cyber War is fought with lots of plausibly deniable cutouts and mercenaries, but in this case the hand of the Russian government seems evident to American analysts. The Obama White House has been criticized for taking cyber assaults on American industry too lightly, and tiptoeing around politically inconvenient hacker aggression, such as the exploits of our new Partners-in-Peace in Iran. Perhaps all that will change, now that the White House has been hit hard enough to alarm CNN.