Breaking News Emails
U.S. officials said Tuesday that Russia was behind a cyberattack on an unclassified White House system last year.
The conclusion that Russia was behind the hack was first reported by CNN. U.S. officials later confirmed to NBC News that Russia allegedly conducted the cyberattack. But the international hack allegedly did not impact any classified information, officials said. The system contained the president's private schedule.
"This report is not referring to a new incident — it is speculating on the attribution of the activity of concern on the unclassified EOP network that the White House disclosed last year," National Security Council spokesman Mark Stroh said.
"Any such activity is something we take very seriously. In this case, as we made clear at the time, we took immediate measures to evaluate and mitigate the activity," Stroh said in a statement.
He would not confirm that Russia is believed to have carried out the hack, but other U.S. officials confirmed to NBC News that Russia was behind it. Two sources, one in law enforcement and another in the intelligence community, said Tuesday that no classified information was breached.
Officials told NBC News it is believed the Russians got into the system through State Department computers.
Deputy National Security Adviser Ben Rhodes said the Obama administration was up front when it disclosed the "cyber intrusion" last year, and the White House takes regular steps to prevent hackers from gaining access.
"There’s always vulnerability," Rhodes said. "The fact is that's why we have a classified system, because there's less risk on the classified system, and that is secure. On the unclassified system, we take regular actions to prevent vulnerabilities in security."
Russia is believed to have accessed classified systems in the past.
It likely carried out the "agent.btz" malware attack on U.S. military systems in 2008, which occurred after a corrupted flash drive was inserted into a U.S. military laptop in the Middle East, said former FBI assistant executive director Shawn Henry, who is now CEO of the cybersecurity consulting firm Crowdstrike.
"I have no doubt that the Russians and the Chinese are in all of these White House networks," Henry said.
NBC News has reported last year's White House hack occurred in early October, and there were signs the cyber intrusion originated in Russia with the backing of Russia’s government.
The hack came after the U.S. imposed sanctions on Russia over its actions in Ukraine, which eventually led to the annexation of Crimea in early 2014. Russia was also accused of supporting separatist fighters in eastern Ukraine.
Last week, President Barack Obama signed an executive order authorizing the first sanctions program against cyberattackers who pose a "significant threat" to American interests.
"Our primary focus will be on cyber threats from overseas," Obama wrote in a statement on the website Medium. "In many cases, diplomatic and law enforcement tools will still be our most effective response. But targeted sanctions, used judiciously, will give us a new and powerful way to go after the worst of the worst."