More information is emerging about the Russian attack on the White House’s unclassified network last year, including the revelation that President Obama’s emails were accessed by hackers.
A quick recap:
- In October 2014, anonymous White House officials revealed that hackers had breached the White House’s unclassified network, “resulting in temporary disruptions to some services”. The White House downplayed the event, saying that this sort of thing happened on “a regular basis”.
- In April 2015, it was revealed that the attack was perpetrated by Russia and was worse than initially admitted. Sensitive information including the president’s schedule was apparently accessed, but deputy national security advisor Ben Rhodes was quick to reassure the public that nothing classified had been compromised. It also transpired that the hackers gained access to the White House network via a phishing attack on the State Department.
- Last week, Kaspersky identified the group responsible for the attack as “CozyDuke (aka CozyBear, CozyCar or ‘Office Monkeys’)” – a “precise attacker” that targeted “government organizations and commercial entities in the US, Germany, South Korea and Uzbekistan”, spreading malware via email phishing campaigns.
Now, the New York Times reports that, according to “senior American officials briefed on the investigation,” the cyber attack was “far more intrusive and worrisome than has been publicly acknowledged”, and that the hackers “obtained access to the email archives of people inside the White House, and perhaps some outside, with whom Mr. Obama regularly communicated. From those accounts, they reached emails that the president had sent and received”.
Officials “did not disclose the number of Mr. Obama’s emails that were harvested by hackers, nor the sensitivity of their content” but “have conceded that the unclassified system routinely contains much information that is considered highly sensitive: schedules, email exchanges with ambassadors and diplomats, discussions of pending personnel moves and legislation, and, inevitably, some debate about policy.”
Phishing awareness training
Phishing attacks, in which unsuspecting users are tricked into downloading malware or handing over personal and business information, are becoming increasingly common. They usually take the form of email links to malicious websites masquerading as legitimate ones.
Every day, 156 million phishing emails are sent, 15.6 million make it through spam filters, 8 million are opened, 800,000 recipients click on the links, and 80,000 of them unwittingly hand over their information to criminals.
Organizations should ensure that their staff are properly trained to recognize phishing scams, and exercise caution when clicking links in unsolicited messages.
IT Governance’s Employee Phishing Vulnerability Assessment will identify potential vulnerabilities among your employees and provide recommendations to improve your security, giving you a broad understanding of how you are at risk and what you need to do to address these risks.