White House computers breached by hackers
In the latest example of the federal government's cybersecurity woes, the White House revealed that one of its unclassified computer networks has been breached by hackers.
While early reports have yet to fully identify the nature or scope of the attack, the impact appears fairly minimal as of now. An anonymous White House official told The Washington Post that no classified networks were breached and that the affected systems appear to be undamaged. According to this official, White House cybersecurity personnel "took immediate measures to evaluate and mitigate the activity." However, some services were disrupted for regular users as a result of this response.
It is currently unclear whether any White House data was accessed, nor what kind of information may be at risk of exposure.
The Washington Post reported that the National Security Agency, Secret Service and FBI are all working to investigate this breach.
The breach unfolds
The cyberattack itself occurred a while ago – at least two or three weeks ago, White House officials told the news source. The White House was tipped off by an unnamed ally, which led tech teams to identify unusual activity on the Executive Office of the President network. In light of this discovery, officials selectively deactivated Intranet and VPN access at times. Certain email systems were also delayed at various points.
According to White House officials, this cyberattack is not a surprise.
"On a regular basis, there are bad actors out there who are attempting to achieve intrusions into our system," said the official, the source reported. "This is a constant battle for the government and our sensitive government computer systems, so it's always a concern for us that individuals are trying to compromise systems and get access to our networks
Officially, the White House declined to identify any suspects in the hacking, for fear that this could undermine the investigation. However, anonymous sources within the White House informed The Washington Post that the hackers were likely working for the Russian government. The source noted that cybersecurity firms have identified a number of recent cyberattacks on NATO, U.S. defense contractors and the Ukrainian government, all of which are thought to be the work of Russia-backed hackers.
These and other attacks are an increasing threat according to cloud security expert Gerry Grealish, USA Today reported.
"Foreign government-sponsored hackers are a very real threat to public and private sector IT networks," said Grealish, USA Today noted. "Today's cyber attacks are better funded, more aggressive and sophisticated, and can come from a myriad of external and internal sources."
Speaking to USA Today, Ben FitzGerald of the Center for a New American Security stated that the most alarming aspect of this incident was not the intrusion itself, but rather the fact that it was an unnamed ally, rather than the White House's own cybersecurity team, that first noticed the cyberattack.
"How does an ally figure that out?" said FitzGerald, the source reported. "What were they monitoring that we weren't?"
As The Washington Post noted, Russia-backed cybercriminals are believed to be responsible for a 2008 attack on U.S. military classified networks. This incident led to the creation of the U.S. Cyber Command, a system specifically designed to protect critical computer networks.
Obviously, though, this and other federal cybersecurity efforts proved insufficient in this case. This suggests that the White House and federal agencies need to revamp their cybersecurity defenses. More robust partnerships with private sector firms, along with stricter policies governing usage and access among staff, may prove critical in protecting sensitive information and assets in the future.