Hackers read Obama's emails thanks to basic phishing attacks
Russian hackers have read President Obama's emails.
The New York Times reports that the correspondence was collected after the hackers compromised the White House's unclassified network. And while the emails aren't classified, they could still contain sensitive information, as CNN revealed when it first reported on the breach.
The report is based on testimony from unnamed American officials familiar with the investigation into this hack. Those officials claim that the hackers were not able to compromise the government's classified networks with this attack, and that Obama's email account doesn't appear to have been compromised.
But they also claim that the breach was perpetrated by the "most sophisticated actors" the government has seen. Other reports into the hackings dispute that claim, and show that both networks were broken into with nothing more than phishing emails with links to the malware that compromised both networks.
It (reportedly) happened a little something like this: a member of the State Department received an email that featured a bogus link. That person clicked on the link, which compromised the State Department's unclassified network. The information gleaned from that network allowed a phishing attack on the White House, which offered the hackers access to its unclassified network.
The hackers are said to be using more advanced techniques to evade the government's attempts to expel them from the networks, which contain information about the president's schedule, policy debates, and other sensitive matters. But the breaches themselves started with basic phishing attacks.
If these are the "most sophisticated actors" the New York Times' sources have ever seen, it's a wonder these networks aren't broken into far more often.
[illustration by Brad Jonas]