White House battles cyberattacks on a daily basis

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://archive.courierpostonline.com/usatoday/article/25460741

The White House is under attack every day.

Cyber attack.

The methods change, and the suspects range from individual actors to
governments like Russia, China, North Korea and Iran.

The goal is basically the same, to penetrate government computers for
classified information.

Government networks are probed continually, including the White House, said
one Obama administration official, speaking on anonymity to discuss
internal security.

The upshot: a constant behind-the-scenes cyber battle between the United
States and would-be hackers, some with links to foreign governments. Few
offensives are made pubic, though an October breach that may have involved
Russia continues to draw media scrutiny, including a CNN story Tuesday.

The battle lines are constantly moving: Hackers try to penetrate government
computer systems; governments set up defenses to try and thwart them;
hackers try new methods; the government tries new defenses.

Cyber defense isn't the only goal here, officials said. Security systems
are designed so that U.S. officials can understand what would-be intruders
are trying to do, how they're trying to do it, and what their intentions
are.

The private war became somewhat public when the White House disclosed in
October that it made changes to one of its networks because of an attempted
intrusion.

In an Oct. 29 statement, the White House said it had "identified activity
of concern" on the unclassified Executive Office of the President network,
and that officials "took immediate measures to evaluate and mitigate the
activity."

The statement also said that "the Executive Office of the President
receives alerts concerning numerous possible cyber threats on a daily
basis" and that all are taken seriously. "Certainly a variety of actors
find our networks attractive targets and seek access to sensitive
government information," the White House said.

Administration officials said no classified files were hacked during that
incident. They declined to point the finger specifically at Russia but said
Russian interests are among the suspects.

White House spokesman Josh Earnest declined to discuss the case in detail
on Wednesday, saying only that "we took appropriate steps to address" the
problem. "And we did so," he added, "mindful of the fact that our computer
network here is going to continue to be a target."

There have been times when officials have pointed the finger at other
nations. The administration accused North Korea of being being behind last
year's hack attack of Sony Pictures, calling it retaliation for a comedy
film mocking leader Kim Jong Un. North Korea denied the accusation (and,
like other countries, accused the U.S. of hacking other nations).

Administration officials said they are constantly updating cybersecurity
systems in efforts to meet ever-evolving threats and that the issue is a
high priority for President Obama.

In January, during a visit to the National Cybersecurity and Communications
Integration Center, Obama pitched cybersecurity legislation that included
new law enforcement tools. In his State of the Union Address that same
month, Obama said, "no foreign nation, no hacker, should be able to shut
down our networks, steal our trade secrets, or invade the privacy of
American families, especially our kids."

The U.S. should fight cyber threats "just as we have done to combat
terrorism," Obama said.

In February, the administration unveiled the Cyber Threat Intelligence
Integration Center.

Ben FitzGerald, with the Center for a New American Security in Washington,
D.C., said the White House is wise to assume there are "daily, persistent,
ongoing efforts" to tap into its computer systems.

Not only is the information valuable, there are relatively few risks to
hack attacks on the White House. FitzGerald, who directs the center's
Technology and National Security Program, said it's hard to prove who is
behind an attack. He also said making accusations against a specific
country like Russia or a China could lead to a diplomatic incident that
isn't worth it.

Given the lack of public information, it's impossible to say specifically
how many times the White House has been attacked, and how successful its
defenses are, FitzGerald said.

"That," he said, "would require being on the inside."

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!