Criminal hackers doing the bidding of the Russian government are believed to have hacked into a non-classified White House computer network last year, according to a person with knowledge of the investigation.
An analysis of the malicious code and other evidence gathered show certain characteristics known to be used by criminal hackers working under the sponsorship of the Russian government, said the person who wasn’t authorized to speak publicly about the investigation.
The White House intrusion, which some U.S. officials believe was carried out by hackers who had earlier gained entry into State Department computers, was likely a signal from the government in Moscow in retaliation for sanctions the U.S. has imposed on Russia, the person said.
White House spokesman Josh Earnest declined on Wednesday to blame Russia for the attacks, and said the administration took appropriate steps to mitigate the damage.
“The White House computer system is a target for a wide variety of criminal actors and others who may have designs on trying to infiltrate our system,” Earnest told reporters. “It continues to be true, as we said at the time, that there was no evidence our classified network was compromised.”
The White House said in October that it had identified potentially threatening activity on its computer network and tried to close off access. The hackers may have reached the White House data through an earlier intrusion at the State Department, where officials regularly use e-mail to communicate with colleagues, according to U.S. officials who spoke on condition of anonymity.
The Russian embassy in Washington didn’t respond to a phone call seeking comment. Russia had rejected a report by CNN on Tuesday that its government was involved in hacking a non-classified White House computer network that exposed sensitive parts of the e-mail system.
“It has become a kind of sport to blame everything on Russia,” Kremlin spokesman Dmitry Peskov told reporters on a conference call on Wednesday. “But the key thing is that they wouldn’t go searching for Russian submarines in the Potomac River, like it was the case in some other countries.”
A Russian-based hacking group was discovered to be attacking high-value government targets in the U.S. and other countries around the time that the White House and State Department were infiltrated, said Brian Bartholomew, lead technical analyst for iSight Partners Inc., a Dallas-based cybersecurity company.
“We cannot say for certain that this group is working for the Russian government, but it is a possibility given the way it operates and the kinds of data it is seeking to steal,” Bartholomew said in a phone interview.
The malware and tactics it employed is consistent with state-sponsored espionage and aimed at stealing sensitive data, he said.
U.S. silence on whether Russia was behind the hack is at odds with how government officials publicly pointed fingers at other nations in the wake of attacks. The U.S. accused North Korea in December of attacking Sony Pictures Entertainment and indicted five members of the Chinese military last year for hacking U.S. companies.
The U.S. has “a complex relationship with Russia” and President Barack Obama is still “looking for opportunities where we can cooperate,” Earnest told reporters Wednesday.
“Our investigators have concluded that it’s not in our best interest to identify the entity that may be responsible for this specific activity of concern,” he said.
U.S. intelligence officials say the pace and sophistication of Russian-sponsored attacks have increased as tension over Ukraine has grown and the U.S. has imposed economic sanctions on Russia.