Russia Link Said to Be Suspected in Attack on White House Computers

Updated on

A member of the U.S. Secret Service looks through binoculars on top of the White House in Washington, D.C., U.S., on Monday, Sept. 22, 2014

Photograph by Andrew Harrer/Bloomberg

U.S. cybersecurity specialists suspect that Russian government or criminal hackers were responsible for an attack on an unclassified White House computer system, according to two American officials.

It’s not clear whether the attack was carried out by Russian government agents or criminals, the officials said today, speaking on condition of anonymity because they aren’t authorized to speak to the media. The line between agents and criminal hackers is sometimes non-existent, they said.

The White House said yesterday that it had identified potentially threatening activity on its computer network and had taken immediate steps to deal with it.

Relations between the U.S. and Russia have worsened since forces loyal to Russian President Vladimir Putin seized parts of eastern Ukraine earlier this year. The attack on the White House network appears to bear some resemblance to recent Russia attacks on a public-facing North Atlantic Treaty Organization site and on the Ukrainian government, the officials said.

Those attacks exploited a zero-day vulnerability, called CVE-2014-4114, in Microsoft Vista 8.1 operating system, which initially was reported by security firm iSight Partners in collaboration with Microsoft, the officials said.

Efforts to defend the network caused some “inconveniences,” White House spokesman Josh Earnest told reporters today in Washington.

“It has not affected the ability of White House staffers and others who use the White House network to carry out the important work that’s done here on a daily basis,” he said.

The White House reported the potential threat on its network yesterday, hours after Secretary of Homeland Security Jeh Johnson ordered increased protection for federal government buildings, citing terror concerns.

Outside groups try to access the White House networks on a daily basis, and federal officials regularly assess and update security measures, Earnest said.