Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hackers Breach White House Network

Posted by Soulskill on from the dozens-of-solitaire-games-compromised dept.

wiredmikey writes: The White House's unclassified computer network was recently breached by intruders, a U.S. official said Tuesday. While the White House has not said so, The Washington Post reported that the Russian government was thought to be behind the act. Several recent reports have linked Russia to cyber attacks, including a report from FireEye on Tuesday that linked Russia back to an espionage campaign dating back to 2007. Earlier this month, iSight Partners revealed that a threat group allegedly linked with the Russian government had been leveraging a Microsoft Windows zero-day vulnerability to target NATO, the European Union, and various private energy and telecommunications organizations in Europe. The group has been dubbed the "Sandworm Team" and it has been using weaponized PowerPoint files in its recent attacks. Trend Micro believes the Sandworm team also has their eyes set on compromising SCADA-based systems.

20 of 98 comments (clear)

  1. The unclassified network? by StevenMaurer · · Score: 5, Funny

    This XKCD comic comes to mind...

    1. Re:The unclassified network? by NatasRevol · · Score: 2

      No, what you should be worried about is that the classified is the same set of systems as the unclassified, just with a layer of security. And it's the same everywhere, including the national nuclear labs.

      Find a way around the security (like $10M in someone's swiss acct), and these same measures will work on the classified side.

      --
      There are two types of people in the world: Those who crave closure
    2. Re:The unclassified network? by lgw · · Score: 2

      "Classified" is too nebulous for useful discussion - what is the data classified as? Anything classified Secret or above is on an entirely different network - another of Bush's "internets". Confidential information, the same sort of thing any company keeps confidential, is on normal networks, just with a layer of security, just like anywhere else. The military also has a separate network for operational security.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    3. Re:The unclassified network? by harrkev · · Score: 2

      Worrisome? Stop with the fear talk...

      If somebody of a different nationality can make is past the border of the White House security, he deserves a path to have a legal account there. He needs the opportunity to prove that he can become a productive member of the White House network.

      --
      "-1 Troll" is the apparently the same as "-1 I disagree with you."
  2. Re:Thanks Obama! by Bonzoli · · Score: 3, Funny

    Weaponized powerpoint. Someone should copyright that.

  3. Russians as bogeymen? by gstoddart · · Score: 5, Interesting

    Yup, every time someone does this .. it's the Russians or the Chinese.

    I think Western spy agencies have jumped the shark so much in terms of what they do, that you could plausibly say it's really them doing all of this and doing it as a false-flag operation.

    I mean, come on, these clowns have been proven to be spying on the people who are meant to oversee them. They don't give a shit about the law, just their own powers.

    You can't come up with a conspiracy theory which is paranoid enough these days -- because long-thinkers with massive resources really are doing all of this shit these days.

    Hell, breaking into the Whitehouse systems lets you say you need more money for spying to prevent this kind of shit. And then you get the keys to the kingdom.

    --
    Lost at C:>. Found at C.
    1. Re:Russians as bogeymen? by Vokkyt · · Score: 2

      The evidence from the actual report that it's of Russian origins is a little specious for my taste, though part of the reasoning isn't exactly unfounded.

      Their evidence that it's of Russian origin is that a large number of the malware samples (APT28 as categorized by FireEye) included Russian Language settings along with English and "neutral" (which defaults to the environment defaults). That certainly is an eye-brow raiser in my mind, but I wouldn't say we got anyone with their hand in the cookie jar.

      The other reasoning is just specious and/or speculation. The compile times for the malware seem to correspond to the Timezone for Moscow/St. Petersburg working days, which just seems like an odd assessment to make. Even if the government were to be paying hackers in Russia to make and operate malware, are these hackers actually punching in and out for 8 hour work days? Not to suggest that this isn't exactly what is happening, but it just seems like coincidence is an equally plausible scenario with this.

      The other evidence is FireEye's own speculation on the targets could apply to other actors as well.

      Their analysis of the malware otherwise is pretty good, but I think there just isn't enough to really peg it down. There are plausible explanations for the evidence that FireEye brings up which is no more of a stretch than it being of Russian origin.The language setting is good evidence, but there are some fairly valid reasons why that might be the case.

  4. Stop using Microsoft products? by Anonymous Coward · · Score: 2, Interesting

    If the news was "bad guys leveraged a vulnerability in the White House's cardboard gate to break through", would people acknowledge the breach without questioning the cardboard gate?

    1. Re:Stop using Microsoft products? by Minwee · · Score: 3, Interesting

      If the news was "bad guys leveraged a vulnerability in the White House's cardboard gate to break through", would people acknowledge the breach without questioning the cardboard gate?

      Or would the media refuse to report on the Gate? It's about ethics, I tell ya'.

  5. Failed objective by 228e2 · · Score: 4, Funny

    They were looking to get into whitehouse.com, not whitehouse.gov
    ;-)

    --
    Since when does being a Socialist mean 'someone who has a different opinion than me'?
    1. Re:Failed objective by bioteq · · Score: 5, Funny

      I remember back in high-school (long, long ago,) one of my teachers was attempting to show off the school's new-fangled-lightning-fast T1 line. So he brought up whitehouse.com, not realizing that he had made a horrid mistake.

      Unfortunately, that was the first exposure to porn some of my classmates had encountered. It was a sad day for them, realizing there is porn on the internet.

      Ironically, I missed school for the next four days.

    2. Re:Failed objective by Jason+Levine · · Score: 2

      I made a similar mistake once trying to load Barnes And Noble's website where I typed in barnesNnoble.com. The woman in the photo definitely WASN'T reading a book! This wasn't at a presentation, luckily, but unfortunately I was new at my job and obviously didn't want my boss to walk in and see this on my screen. Also, unfortunately, these were the days before pop-up blockers so every window I closed opened another window with another woman-not-reading. Finally, I managed to close one of the windows before it got the JavaScript onunload code processed.

      (BTW, you can't replicate this now as, some years back, Barnes and Noble got a hold of the BarnesnNoble.com domain name.)

      --
      My sci-fi novel, Ghost Thief, is now available from Amazon.com.
  6. Re:Thanks Obama! by CaptainDork · · Score: 3, Funny

    © Sarah Palin

    FTFY

    --
    It little behooves the best of us to comment on the rest of us.
  7. Weaponized PowerPoint by Jason+Levine · · Score: 2

    Weaponized PowerPoint?

    "The slide came in so fast that half the people in the room were laying on the floor bleeding before we could react. And then the embedded video started.... Oh, god!!! The video!!!!!" *collapses sobbing*

    --
    My sci-fi novel, Ghost Thief, is now available from Amazon.com.
  8. Re:Thanks Obama! by TheTerseOne · · Score: 3, Funny

    Weaponized PowerPoint is redundant. Powerpoint has been a weapon against clear thinking, preparing for a meeting, and keeping people interested in what you're saying for a long time.

    And, of course, PowerPoint has already caused the space shuttle to crash. http://www.washingtonpost.com/...

    --
    "Newspapers: A tiny little part of the internet, printed out yesterday, and delivered to your house"
  9. Re:Thanks Obama! by Thud457 · · Score: 2

    The Powerpoint Ranger creed

    Discussion of the US Military's love of PPT on Edward Tuft's site. "Mustaches for everyone!" -- actual quote

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

  10. Success! by NetNed · · Score: 3, Interesting

    Step one: get person to "hack" the white house network
    Step two: Claim "It's Russia!"
    Step Three: Stir up media reports about "How safe is the internet really" and "Do we need the government to police the internet?"
    Step four: Put in place controls that cripple the internet, spies on all Americans, and causes more laws to be written that stomp of the rights of Americans.


    Yeah they can track down who is illegally downloading the latest Bastille album but they have these loose "links" to Russia that they claim if "fact!" it is them.


    Couldn't be THIS could it?????

  11. Re:Thanks Balmer! by pla · · Score: 3, Insightful

    Powerpoint has been a weapon against clear thinking, preparing for a meeting, and keeping people interested in what you're saying for a long time.

    No one has ever cared about what the presenter had to say at meetings.

    It just took more effort before Powerpoint - Both by the presenter, who had to actually prepare instead of cutting and pasting Wikipedia into a slideshow; and by the audience, who had to actually look at the presenter (thereby risking eye-contact) rather than glazing over while staring blankly at a projector screen.

    Really, we should thank Microsoft for Powerpoint. Instead of meetings dragging on and on and on as the presenter rambles and people ask stupid questions in a futile effort to remain awake, now the meeting only lasts as long as the slideshow, no one asks any stupid questions, and everyone can go back to doing actual work that much sooner.

  12. Re:If Its Online by pla · · Score: 2

    I am willing to bet some joe-blow intern infected the network with someone doing some amazingly easy social engineering to him/her.

    Who needs social engineering? Just drop an infected flash drive somewhere near the front door, and sooner or later (usually sooner) someone will pick it up and plug it in.

    "Nuh-uh", you say? "They certainly have stupid things like autoruns turned off on the Whitehouse network!"

    "Hmm, what do we have on here... Random spreadsheet crap, OSHA regulations Powerpoint crap, launch code crap, more random crap, okay some mostly-geezer music I'll check out later, RNC 2016 strategy crap, even more random crap... Hmm, Fappening.Jennifer.Lawrence.Complete.zip.exe? Oooh, awesome, I never did get that on last leaked pic of her!" *click*

  13. Way ahead of his time. by Minwee · · Score: 5, Funny

    If only they had listened to Scott McNealy back in 1997...

    We had 12.9 gigabytes of PowerPoint slides on our network. And I thought, "What a huge waste of corporate productivity." So we banned it. And we've had three unbelievable record-breaking fiscal quarters since we banned PowerPoint. Now, I would argue that every company in the world, if it would just ban PowerPoint, would see their earnings skyrocket. Employees would stand around going, "What do I do? Guess I've got to go to work."