The U.S. government now thinks they have found the methods used by Russian hackers to gain access to White House computers. Starting back in October 2014, White House officials claimed they had noticed some suspicious activity in the network of computers used specifically for information pertaining to the president.
Although none of the files that were compromised included classified information about the commander-in-chief, what was accessed was still sensitive. For example, the hack apparently included some of the non-public, detailed travel plans of the president.
Everyone from the FBI to the Secret Service is working together to find out as much about the hack as possible, which they claim is one of the most advanced ever to target the U.S.
It is believed that the hackers gained access to the White House computers by initially breaching systems at the State Department before using traditional techniques commonly used by state-sponsored attacks like sending malicious emails to targets. Once these emails were opened, malware then made its way to the White House through a network of other computers.
The system of White House computers that was compromised has been shut down for cybersecurity upgrades, which some feel leads to more vulnerability. Being able to immediately point out system breaches through a managed SIEM solution can prevent significant long-term damage, which is hopefully one of the upgrades that is being considered.
Cybersecurity news and analysis brought to you by ArcticWolf, inventors of firebreak detection and response security services. FireBreak, when your firewall fails.