U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

How Russians hackers breached the White House unclassified network

According to the CNN Russian hackers used data gathered from State Department to run a Phishing campaign against White House staffers. On October 2014, the Reuters Agency published the news that a suspicious activity had been detected on the Executive Office of the President (EOP) network. According to an unnamed official at the White House, hackers infiltrated an […]

How Russians hackers breached the White House unclassified network

According to the CNN Russian hackers used data gathered from State Department to run a Phishing campaign against White House staffers.

On October 2014, the Reuters Agency published the news that a suspicious activity had been detected on the Executive Office of the President (EOP) network. According to an unnamed official at the White House, hackers infiltrated an unclassified network, the Obama Administration confirmed the incident.

The New York Times reported that an unnamed official working at the White House has admitted systems used by President Obama’s staff were breached by external hackers. The intrusion was detected by defense systems and triggered a temporary system outages.

The system outages was caused “as a result of measures we have taken to defend our network,” said the official.

According the experts the hacker was engaged in reconnaissance, there is no evidence of data breach, neither of sabotage. The attacker was trying to discover the composition of the  unclassified White House network.

“Administration officials said the attack did not appear to be aimed at destruction of either data or hardware, or to take over other systems at the White House. That strongly suggests that the hackers’ intention was either to probe and map the unclassified White House system, find entry points where they connect to other system or conduct fairly standard espionage.” reported The New York Times.

Shortly before the attack against the unclassified network at the White House, security experts at FireEye reported of another ATP group, dubbed APT28, which seems to be linked to the Russian government and that is active since 2007. APT28 run a cyber espionage campaign against governments, militaries and security companies worldwide.

APT28 report 2 Russian hackers against white house

US officials involved in the investigation have told CNN that Russian hackers used their account after compromising the U.S. State Department to gather sensitive information on the unclassified White House network.

Now the CNN has provided further details of the cyber attack, the news agency has confirmed that Russian hackers breached the unclassified network of the US Government and have had access to the president’s schedule. This kind of information despite is not classified, is usually not publicly shared.

“Russian hackers behind the damaging cyber intrusion of the State Department in recent months used that perch to penetrate sensitive parts of the White House computer system, according to U.S. officials briefed on the investigation.” reports the CNN.

The hackers breached the White House network using the information gathered thanks a precedent attack against the email systems in the U.S. State Department. The Russian hackers were inside the systems at the State Department for months, and many security experts speculate that they still have the access to the Government Office.

Investigators believe that hackers used their access to the State Department systems to run a phishing campaign the White House staffers.

National Security Council spokesman Mark Stroh didn’t confirm the Russian origin of the attack, but he said that “any such activity is something we take very seriously.”

“In this case, as we made clear at the time, we took immediate measures to evaluate and mitigate the activity,” he said. “As has been our position, we are not going to comment on [this] article’s attribution to specific actors.” added Stroh.

Neither the U.S. State Department nor the Russian Embassy have provided further details on the case.

Pierluigi Paganini

(Security Affairs –  White House, hacking)