Pando

Russians hacked the White House thanks to a simple phishing attack

By Nathaniel Mott , written on April 8, 2015

From The News Desk

State Department hackers conducted a phishing attack that allowed them to access a White House network that had "real-time non-public information about the president's schedule," among other data, according to a report from CNN.

The intrusions have been attributed to Russian-sponsored hackers who have increased the "pace and sophistication" of their attacks because of the situation in Ukraine and the United States' economic sanctions against the motherland.

The hackers are said only to have access to unclassified networks, but as the CNN report shows, that doesn't mean the information they hold isn't valuable. And it wasn't too hard to gain access to those networks -- phishing attacks are simple but also astoundingly effective, as Wired explains in a post about them:

An estimated 91-percent of hacking attacks begin with a phishing or spear-phishing email. Although firewalls and other security products on the perimeter of a company’s network may help prevent other kinds of malicious traffic from entering the network—for example through vulnerable ports—email is generally considered legitimate and trusted traffic and is therefore allowed into the network. Email filtering systems can catch some phishing attempts, but they don’t catch all of them. Phishing attacks are so successful because employees click on them at an alarming rate, even when emails are obviously suspicious.
This entire episode might actually be little more than a chain of phishing attacks. The State Department breach started with an employee opening a bogus link in an email. The hackers then used that access to conduct another phishing attack against the White House. (Talk about swimming with the phishes, right? Right?)

The hackers are said to be using more sophisticated methods to maintain their access to the State Department and White House networks. That's part of the reason why the hackers still haven't been expelled from either of the networks.

Yet the National Security Agency's director still believes the US should prioritize offense so it can frighten other countries out of conducting cyberattacks. Fair enough -- but maybe teach people to stop clicking on suspicious links, first.

[illustration by Brad Jonas]