backtop


Print

After months of embarrassing physical security lapses, the Presidential residence appears to suffer a digital breach

Sometimes when you're laser focused on spying on your own citizens (more specifically 75 percent of their internet traffic and 99 percent of their phone calls) and your allies, sometimes you don't have time for the tedious task of safeguarding your own networks from foreign hackers.  That seems to be the case for the White House, whose unclassified internal staff network was reportedly accessed by hackers.
  
The hackers reportedly entered through the employee virtual proxy network (VPN) system, which gives employees remote access to email and other unclassified local resources.  Traces of the intrusion were only observed post-mortem "two to three weeks ago", according to The Washington Post.  And the intrusion had gone unnoticed until an ally took note of the peculiar traffic and sent a warning to the White House IT staff.

The White House
The White House -- America's presidential residence -- has suffered embarassing security intrusions in recent months. [Image Source: Outside the Beltway]

I. Breach is Confirmed

The Washington Post cites one official as saying:

In the course of assessing recent threats, we identified activity of concern on the unclassified Executive Office of the President network.  We took immediate measures to evaluate and mitigate the activity. . . . Unfortunately, some of that resulted in the disruption of regular services to users. But people were on it and are dealing with it.

Certainly a variety of actors find our networks to be attractive targets and seek access to sensitive information.  We are still assessing the activity of concern.

A second official reportedly said:

On a regular basis, there are bad actors out there who are attempting to achieve intrusions into our system.  This is a constant battle for the government and our sensitive government computer systems, so it’s always a concern for us that individuals are trying to compromise systems and get access to our networks.

The Washington Post and The New York Times cited administration officials as stating that there was no evidence of a more serious breach of the classified networks used by the President, high-level executive branch staff, and high level members of the U.S. Military and Intelligence community.
 
The breach is being investigated by the Secret Service, the U.S. Federal Bureau of Investigation (FBI), and the National Security Agency (NSA).
 
II. Hackers Probed Network, But Reportedly Did No Damage
 
According to the report, the attackers did not seek to damage computers, or take over other systems at the White House.  Instead they appeared to be merely methodically mapping the network from the node they gained unauthorized access to.  This suggests a greater level of sophistication.  The Washington Post reports:

In the case of the White House, the nature of the target is consistent with a state-sponsored campaign, sources said.

Probable culprits include Russia, a prominent figure in the world of global hacking, and China, which has been developing a crack team of military hackers.  Like the U.S., both Russia and China have shown a penchant for sparing no expense in their efforts to spy on both their own people and the world at large.
 
There have been past reports of hackers gaining unauthorized access to the White House, but it's unclear whether there was ever official confirmation of those incidents.
 
The White House IT staff responded to the recent intrusion by forcing all White House staff with VPN/intranet access to change their passwords.  Files remained inaccessible for weeks, according to reports, but email access was preserved as IT staff looked to prevent further probing of the network.
 
III. The White House Falls Victim to Both Cyber and Physical Intrusions.

The entire incident bears some resemblance to the recent lapses in physical security at the White House by the U.S. Secret Service.  In the past five years, the Obama administration has seen 16 separate incidents of people scaling the White House fence, according to official documents.  
 
Secret Service reports reveal that a 2011 shooting was improperly dismissed as "cars backfiring", telling security staff to "stand down".  It turned out that the shooting was very real.  Four days later a housekeeper discovered signs of damage, leading to the realization that at least seven bullets, fired from a high-power automatic assault rifle had struck the White House.  One had even shattered a second story window, damage that went unnoticed for more than half a week.    


White House hits
A Secret Service document details where the bullets struck the White House. [Image Source: The White House via The Washington Post]

Secret Service initially claimed that the shooting was a gang gun battle and that the bullets were accidental and not intended for the White House.  Eventually federal investigators discovered that wild claim was as much utter bunk as it sounded.  In reality the gunshots had come from an angry and troubled 21-year-old U.S. citizen from Idaho.  Before travelling to the capitol, he had told relatives that he "needed to kill" the President.  That man was eventually sentenced to 25 years in prison and fined $94,000 USD for attempted assassination.
 
In August, a homeless, armed veteran managed to make it into the East Room of the White House before he was finally detained.  Any armed intruder is supposed to be shot dead on sight, according to the White House's security policy, but multiple security lapses allowed the man's potentially dangerous impromptu tour of the White House.  

White House intruder

White House Intruder
Omar Gonzalez broke into the White House armed in late September.  He was eventually arrested without anyone being harmed. [Image Source: The Washington Post (top), The Heavy (bottom)]

In a separate, more humorous incident -- also in August -- a toddler managed to squeeze through the fence bars, triggering a lockdown by security staff.

Sources: The Washington Post, The New York Times





"Intel is investing heavily (think gazillions of dollars and bazillions of engineering man hours) in resources to create an Intel host controllers spec in order to speed time to market of the USB 3.0 technology." -- Intel blogger Nick Knupffer










botimage
Copyright 2017 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki