WHITE HOUSE network DOWN: Nation-sponsored attack likely

Hackers have disrupted computer operations at the White House after breaking into its unclassified internal network. The attack, blamed by US government sources on Russian hackers, has resulted in the disruption of some services while incident response teams work to contain the intrusion. The White House network is under …

  1. DrBobK
    Black Helicopters

    Old hackers.

    I misread that as 'NIXON sponsored attack likely'. Showing my age, but an interesting mental association with a bygone species of White House hacker!

  2. Semtex451
    Coat

    I suppose we'd never hear about it if Putin's pronhub went down. Might explain his perpetual bad mood.

    1. Tapeador

      Putin porn

      I've an easier way of describing Putin's porn: "porn", given so much of it is Russian - part of the motherland's oversized primary sector along with extractive industries...

    2. Anonymous Coward
      Anonymous Coward

      You wouldn't have heard about this either, the MSM has, until now, refused to even investigate or ask questions. But a couple of bloggers persisted and the story is starting to come out. Given the usual mendacity of the current administration, I think we should take it as a given that if they say that only the non-classified parts were affected that really the classified network was penetrated as well.

  3. Khaptain Silver badge

    Article speculation

    >>US officials only became aware of the attack following notification by an ally.

    Would love to know what this statement really means...

    >>which bears the hallmarks of a state-sponsored attack

    What is the difference between a state attack and a normal attack ? Do the State attacks have some kind of "Sponsored by IBM/Fujitsu/Sony" header attached to the packets which helps identify the nation ? Or is this just based upon IP addresses...

    >>Russian hackers are among the most capable on the intelligence

    Given the number of enemies that the good ol'USA has at the moment I think that there are far more than just intelligent Ruskies that are attacking them. The Iranians, Chinese, Syrians are not so dumb either... What's to say that it is not the Germans searching for retribution of the Merkela phone hacking scandal...

    For all we know it might be a bloody FBI/CIA/NSA operation disguised as a pesky russian attack.

    1. stringyfloppy

      Re: Article speculation

      >>>US officials only became aware of the attack following notification by an ally.

      >>Would love to know what this statement really means...

      "While we were breaking into your network, we noticed that someone else had already broken in."

    2. Vociferous

      Re: Article speculation

      > Would love to know what this statement really means...

      It means that the GCHQ or Surete or Mossad have intercepted communications about the attack.

      > What is the difference between a state attack and a normal attack ?

      IP is a military installation, or resources are used which have been used by state hackers before (e.g. malware), spear phishing mails designed with info not known to the public, or zero day exploits are used.

      > The Iranians, Chinese, Syrians are not so dumb either

      The "Syrian Electronic Army" are Russian state hackers.

      1. Khaptain Silver badge

        Re: Article speculation

        >>It means that the GCHQ or Surete or Mossad have intercepted communications about the attack.

        Wouldn't it be more advantageous for the GCHQ or Surete or Mossad not to inform the Mericans.

        >>IP is a military installation, or resources are used which have been used by state hackers before (e.g. malware), spear phishing mails designed with info not known to the public, or zero day exploits are used.

        As I mentioned it could also be an inside job if there is inside information. Malware is easier to plant when you are already in the building and spoofing IPs is child's play for the Elite Govt Hackers (the EGT are a theoretical group of hackers as no western Govt would ever admit to their existence).

        >>The "Syrian Electronic Army" are Russian state hackers.

        Yes possibly but the APT1 (the Chinese), the Iranian Revolutionary Guard (who control the largest comms network) and that German Hacking team (they might have been white hats rather than black though) do exist and are very real.

  4. Anomalous Cowshed

    Modern, media-oriented deductive empiricism at work

    The Russians have the capacity, therefore it is the Russians who done it. QED.

    We are definitely making progress in our quest to refine popular logic.

  5. amanfromMars 1 Silver badge

    Every dark web cloud has its diamond studded silver lining

    Those peskie Russkies are just so convenient for the lame brained to blame, aren't they. And brilliant cover for those stealthy anonymous agents penetrations testing dumb systems for the markets and executive administrations into the exploiting of such vulnerabilities as may be endemic and systemic and practically unpatchable and indefensible.

  6. Lee D Silver badge

    Cyber-warfare is being used as the next excuse for real warfare.

    It's incredibly easy to "blame" the Russians or the Chinese or whoever the flavour of the moment is for such attacks. It would also be incredibly easy for any nation state to fake or proxy such an attack coming from the country of their choice. To say that any one nation is responsible should be taken as seriously as saying that they put spies in the White House, or something similar. It's a serious accusation that needs serious proof to back it up. Saying the packets were traced to China, or hinting that you think the Russians don't like you at the moment is not proof.

    And there have been several statements from representatives of large nations drawing a parallel between a cyber-attack and a real one and offering retaliation in non-digital forms. This is a slippery slope.

    Now imagine there's a world leader who WANTS to start a war. What excuse do they now need past getting some Chinese spam on their systems or some script-kiddies proxying from China? It's dangerous.

    If your network is THAT BAD that you can't work out who's attacking it or stop them attacking it after three weeks (classified or not), then the problem is yours. You can't go mentioning nations that you don't like and blaming them for it, or even hinting they could be behind it, until you can prove that. Which, generally speaking, you can't.

    Stop trying to create an excuse for a real war from a handful of bits coming to your computer.

  7. chivo243 Silver badge
    Black Helicopters

    why would any

    WhiteHouse internal network even be reachable from the outside. One would think there would be firewalls and air gapping and probably an engineer constantly watching the perimeter.

    1. Tom Wood

      Re: why would any

      This is the unclassified network - the one they use for checking Facebook, ordering sandwiches, and suchlike.

      There will be other, more secure, networks which do have the controls you mention in place. Probably several in fact, at different levels of security marking.

    2. Anonymous Coward
      Facepalm

      Re: why would any

      Because it's not classified stuff like every other "secure" site has.

      You know the PA booking a flight, the press department accessing twitter, Facebook and news sites; the maintenance people ordering new brooms, the cooks ordering food. You know the sort of things you need to run a large office block.

      1. Vladimir Plouzhnikov

        Re: why would any

        "You know the PA booking a flight."

        Hello! Air Force One? This is the White House. Ah, I'd like to book 1 first class, 20 business and 82 economy return tickets to Nu-, no... Neu-, no... New-port. Yep. Ah, you're fully booked on that day? Oh, that's a bummer. Yes, I heard there's going to be a NATO summit, that's why... What? Ah, you have availability for the following week? Well, OK but throw in some free tickets to Stoned Hedge or something, you know... HOW MUCH DID YOU SAY IT IS?!!?! You know what? I'll just book Virgin Atlantic over the internet, thank you.

  8. alain williams Silver badge

    Presumably this crack is legal

    They say that it bears the hallmarks of a state-sponsored attack, so presumably the White House will say ''fair enough, this is a legal crack into our network'', after all Prosecutors in Silk Road raid trial: If you're outside the US, you're fair game for hacking.

    What is sauce for the goose, is sauce for the gander.

    1. Destroy All Monsters Silver badge
      Big Brother

      Re: Presumably this crack is legal

      Weed's legal in Colorado!

      Crack's legal in D.C.!

      Time to upgrade the war on terror so that people buying cough syrup in the US and communist peasants in Mexico get what they are asking for!

  9. DrGoon

    Strategic context

    When reading stories that are sourced from unnamed parties, it is worth considering the strategic value of the 'news'. Once considered in the context of our current position with Russia, this intentional leak reads instead as an unsubtle warning.

  10. Destroy All Monsters Silver badge
    Big Brother

    I hope these "sources" are on github.

    The attack, blamed by US government sources on Russian hackers

    Or maybe ISIS.

    Or the Ayatollahs, if not the Ayy Lmaos.

    Or maybe the halloweenized Ghaddafi, undead and baying for viagra-powered genocide.

    Could be Beaucoup Haram or "Koni 2013".

    Or what about Khorasan, the wholly-made-up "new terror threat"?

    Or hybridized Russo-Chinese superhackers, reinforced with North Korean DNA?

    Or the Ebola, now being fought by the National Guard in Liberia.

    Or maybe the french terror clowns.

    Enough enemies to make any neurotic go mad.

  11. Anonymous Coward
    Anonymous Coward

    Their mitigation sounds awfully like they simply pulled the plug

    So they were under attack, and in mitigating it they may have caused issues for some users?

    Sounds awfully like they pulled the plug in a hurry. Which, for an attack that has been going on for three weeks, is unusual behavior to say the least. Smells of someone having a lot of difficulty identifying the rogue sources/machines inside the network.

    1. Anonymous Coward
      Unhappy

      Re: Their mitigation sounds awfully like they simply pulled the plug

      It's sometimes the best defence. I remember Blaster / Nachi outbreaks way back, it was causing so much trouble we simply shut down the core routers and then brought back on department by department as we cleaned the mess up.

  12. Anonymous Coward
    Anonymous Coward

    ITS PROBABLY BILL CLINTON...

    ...Spunking on the servers.

    1. Destroy All Monsters Silver badge

      Re: ITS PROBABLY BILL CLINTON...

      More like Hillary rubbing it in.

  13. breakfast
    Facepalm

    Good job, that Ally

    So just to be absolutely clear, the US Government is perpetrating constant surveillance against everyone inside and outside the USA at all times, and yet they had to be notified by an Ally of attacks against the Whitehouse???

    Has anyone got some palms large enough for the huge faces on Mount Rushmore?

  14. samlebon2306

    I am sure security rushed the first lady and her children to a hidden folder, somewhere in a hidden partition. As for the POTUS, at the time of the attack, he was in a DMZ. Some sources say he was hit in his headers and his integrity is compromised. The security guys hastily threw him through an IPsec channel but it was too late. Now the question is: Is it an inside hack or not?

    It cost the American people $2 billion to compile a POTUS, and I am not sure the nation could afford another one unless Congress administrators backed him up.

  15. JamesPond
    FAIL

    Secret Service - Not Secret, nor providing a Service

    So the SS cannot prevent physical access to the White House, nor can they prevent virtual access, and they are not Secret. What are they good for (apart from getting drunk and getting themselves thrown out of foreign countries)?

  16. Midnight

    If only the White House had enforced RFC 3514 compliance on all incoming traffic this could all have been avoided.

  17. Vociferous

    Retaliate!

    Shouldn't the US retaliate? If the US, let's say, made five billion of Putin's personal wealth go poof every time Russian state sponsored hackers attacked, I'm sure frequency of attacks would drop sharply.

    1. amanfromMars 1 Silver badge

      Re: Retaliate!

      Shouldn't the US retaliate? If the US, let's say, made five billion of Putin's personal wealth go poof every time Russian state sponsored hackers attacked, I'm sure frequency of attacks would drop sharply. .... Vociferous

      What? And let everyone know how easy it is to steal fortunes with a dodgy complicit banking sector able to hold governments to virtual ransom? Good plan, Vociferous.

      And just imagine how stupid it is of the political elite to save the banking system with its pumping and pimping of trillions of future tax payers monies into its collapsed modus operandi. Madness rules, eh?

  18. Gordo Rex
    Paris Hilton

    ........ and so that's why Sasha's term paper is late.

    Sincerely,

    My Mom

  19. Anonymous Coward
    Anonymous Coward

    NSA

    My money on them.
