Analysis

Was Russia really behind White House hack?

Security experts examine CNN's claim that Russia is attacking President Obama's home

The Capitol Building

Security experts have aired doubts over claims Russia was behind dangerous hacks on the White House's computer systems.

Hackers got their hands on sensitive White House data including President Barack Obama's schedule last October, and todayCNN blamed Russia for the attacks, citing anonymous US officials as sources.

The site claims the hackers routed their attacks through computers across the globe, and while classified systems were untouched, the White House admitted its unclassified network was breached - subsequently pulling it offline numerous times for security upgrades.

Agencies including the FBI and the Secret Service are now investigating the breach, and are pointing the finger at Russia, according to CNN.

Advertisement
Advertisement - Article continues below

However, the National Security Council declined to confirm the claims, and security analysts have voiced reservations over accusing Russia without clear proof.

Graham Cluley, an independent computer security analyst, said that CNNis likely connecting the Russian hackers to a cybercrime operation called Operation Pawn Storm, undertaken last October.

Pawn Storm hit government, military and media targets in the US, Europe and Pakistan with spearphishing and malware attacks.

As they also targeted anti-Russian dissidents, he said it would be no surprise to see Russia as a likely suspect.

However, Cluley added in a blog post: "Even if fingers of suspicion are pointing towards Russia, that's very different from having convincing proof that Moscow is behind the hack.

"Attribution of internet attacks is notoriously difficult and much harder than the average man in the street (and possibly politician) imagines, which is certainly a frustration for news reporters who wish to tie up a story with a simple bow."

He warned against casting Russia as the villain so quickly, following sceptics condemning the US for blaming North Korea for last year's huge hack into Sony Pictures.

The FBI publicly blamed North Korea, but experts pointed out plenty of holes in the agency's reasoning.

"We shouldn't jump too easily behind headlines claiming that the Russian government is behind this latest hack of the White House either," said Cluley.

Dwayne Melancon, CTO at IT security firm Tripwire, agreed. "Attribution is difficult. A savvy attacker can not only cover their tracks, they can often mislead you into believing someone else is behind the attacks," he said."I hope the White House has strong evidence to claim Russian responsibility."

Advertisement
Advertisement - Article continues below

What happens next?

CNN's report appeared after President Obama announced his intention to use tougher measures to deter foreign hackers at the start of the month.

"The increasing prevalence and severity of malicious cyber-enabled activities originating from, or directed by, persons located, in whole or in substantial part, outside the US constitute an unusual and extraordinary threat to the national security, foreign policy and economy of the US. I hereby declare a national emergency to deal with this threat," Obama announced.

The sanctions include limiting foreign countries' access to American financial systems and technology.

However, the US hasn't publicly labelled Russia as the culprit behind the White House attacks, and presumably would have to do so to justify any sanctions.

With relations tense between the two countries, the US may choose to deal privately with the matter, without resorting to sanctions.

In that case, WhiteHat Security founder Jeremiah Grossman said the US must concentrate on improving its security as well as legislating against hackers.

"Whatever new legislation the White House or Congress isplanning, does it have any chance of preventing this kind of incidentfrom happening again?" he said.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/malware/33080/hackers-abuse-linkedin-dms-to-plant-malware
malware

Hackers abuse LinkedIn DMs to plant malware

25 Feb 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019
Visit/antivirus/28144/best-antivirus
antivirus

Best antivirus for Windows 10

3 Sep 2019
Visit/security/malware/28083/the-five-best-free-malware-removal-tools
Security

Best free malware removal tools 2019

8 Mar 2019

Most Popular

Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019
Visit/business/business-strategy/354195/where-modernisation-and-sustainability-meet-a-tale-of-two
Sponsored

Where modernisation and sustainability meet: A tale of two benefits

25 Nov 2019