Cybersecurity

Assessing the White House breach

Officials acknowledged that hackers breached the White House's unclassified computer networks in the past few weeks, and a Washington Post report says the Russian government was the likely culprit.

"The White House has detected some activity of concern on the White House network," said spokesman Josh Earnest, who would not speculate on the identity of the hackers.

A White House official told Reuters that mitigation efforts were ongoing but declined to identify the nature of the breach.

"In the course of assessing recent threats, we identified activity of concern on the unclassified [Executive Office of the President] network," the official told Reuters. "Any such activity is something that we take very seriously. In this case, we took immediate measures to evaluate and mitigate the activity."

According to the Post, the breach caused "temporary disruptions to some services," though unnamed sources told the newspaper that the breach did not damage any systems and there was no immediate evidence that a classified network had been breached.

Some experts are saying the attack might not have sought to cause any real damage. Mike Lloyd, chief technology officer at RedSeal, said modern malware is often designed to do as little as possible in order to avoid detection.

"Adversaries understand the value of good information, of maps and the relationship of assets," Lloyd said. "Such information can be extracted with a minimum of fuss, unless the person being scanned is very diligent and observant."

According to the Power Line blog, the computer system in the Executive Office of the President was down for about a week while IT staffers identified and fixed the issue, although email and Internet access were quickly restored.

Michele Borovac, vice president of HyTrust, said the breach highlights the importance of building defense with more depth.

"Perimeter security is no longer adequate as hackers are clearly able to get inside networks almost at will," Borovac said. "Once inside, hackers will 'land and expand,' ideally finding privileged administrator accounts that would grant them unfettered access to more important systems."

Lloyd lauded the White House's response.

"It seems in this instance the White House did well," he said. "They were paying enough attention to detect someone just trying to gather information without immediately doing any harm."

About the Author

Colby Hochmuth is a former staff writer for FCW.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.