Hackers thought to be working for the Russian government breached the unclassified White House computer networks in recent weeks, sources said, resulting in temporary disruptions to some services while cybersecurity teams worked to contain the intrusion.
White House officials, speaking on the condition of anonymity to discuss an ongoing investigation, said that the intruders did not damage any of the systems and that, to date, there is no evidence the classified network was hacked.
“In the course of assessing recent threats, we identified activity of concern on the unclassified Executive Office of the President network,” said one White House official. “We took immediate measures to evaluate and mitigate the activity. . . . Unfortunately, some of that resulted in the disruption of regular services to users. But people were on it and are dealing with it.”
The FBI, Secret Service and National Security Agency are all involved in the investigation. White House officials are not commenting on who was behind the intrusion or how much data, if any, was taken.
“Certainly a variety of actors find our networks to be attractive targets and seek access to sensitive information,” the White House official said. “We are still assessing the activity of concern.”
U.S. officials were alerted to the breach by an ally, sources said.
Recent reports by security firms have identified cyber-espionage campaigns by Russian hackers thought to be working for the government. Targets have included NATO, the Ukrainian government and U.S. defense contractors. Russia is regarded by U.S. officials as being in the top tier of states with cyber-capabilities.
In the case of the White House, the nature of the target is consistent with a state-sponsored campaign, sources said.
The breach was discovered two to three weeks ago, sources said. Some staffers were asked to change their passwords. Intranet or VPN access was shut off for awhile, but the email system, apart from some minor delays, was never down, sources said.