STE WILLIAMS

A breach at the White House last year was far more serious than first thought, according to the New York Times.

Quoting fully briefed officials, reporters Michael S. Schmidt and David E. Sanger said in addition to acquiring the president’s itinerary, hackers also managed to access some of his email correspondence when they penetrated a White House unclassified system in October.

The breach, which the officials described as being “far more intrusive and worrisome than has been publicly acknowledged,” didn’t reach far enough to access the content on President Obama’s Blackberry phone or any classified information and networks.

But the unclassified network that was breached gave the attackers access to the email archives of people that Obama corresponds with, which included emails that the president had sent and received.

The New York Times report says many White House officials have two computer systems in their offices:

One operating on a highly secure classified network and another connected to the outside world for unclassified communications.

Unfortunately, according to the Times, many officials often use the unclassified network to send data that should in fact be communicated by the more secure system, such as:

Schedules, email exchanges with ambassadors and diplomats, discussions of pending personnel moves and legislation, and, inevitably, some debate about policy.

Obama’s classified communications, however, are mostly given orally or in writing – sometimes using an iPad connected to the classified network – and typically limited to the Oval Office or Situation Room.

Following the discovery of the breach in October, the unclassified email system was severely curtailed until administrators were able to confirm that the intruders no longer had access, with one official telling the New York Times that the intrusion was deemed so serious that officials met daily for several weeks after it was discovered.

While the White House systems were given the all clear at the end of October, the State Department continued to experience its own breach, the severity of which led to an unusual workaround:

The disruptions were so severe that during the Iranian nuclear negotiations in Vienna in November, officials needed to distribute personal email accounts, to one another and to some reporters, to maintain contact.

Though there is no official word from the White House, unnamed officials did tell the Times that those behind the attack were highly likely to be Russian citizens either with links to the government or direct backing from Russia, with one quoted as saying:

It’s the Russian angle to this that’s particularly worrisome.

Despite recent high profile finger wagging at North Korea over the Sony hack, and Iran after the Sands Casino was attacked, the incursion at the White House has prompted no such response, despite coming at a time of increased political tension with Russia over its annexation of Crimea, increased military patrols in Europe and a buildup of troops in Ukraine.

Internally, the attack has raised questions surrounding the protection of electronic devices used by a president who is far more willing to engage with the latest technology than his predecessor, George W. Bush, who was known not to use email at all.

While it’s unlikely that Obama has been advised to ditch his smartphone altogether, one close associate was quoted as saying the president had sent significantly fewer emails in the six months since the attack came to light.

Follow @Security_FAQs
Follow @NakedSecurity

Image of Obama courtesy of Christopher Halloran / Shutterstock.com.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/_PaQjcoyGcE/