Following reports that hackers have disrupted computer operations at the White House after breaking into its unclassified internal network: http://www.theregister.co.uk/2014/10/29/white_house_cyberattack_russia_blamed/ Tim Erlin and Craig Young from Tripwire have commented:
Tim Erlin, director security R&D, Tripwire says:
“While the White House claims the attack hasn’t caused any damage, the defensive measures put in place to respond have degraded service, which is a kind of damage and makes the attackers successful.
“Even though the affected systems are unclassified, it’s unlikely that we’ll receive a full account of the activity. The White House could take an important step forward in threat intelligence sharing by being more forthcoming with details of the attack in order to help others defend themselves as effectively as possible.
“It’s not surprising that a third party notified the White House about the attack. The constant state of assault can make it difficult to identity a new threat against an ongoing threat, but clearly, something that an ally could witness changed and cause a heightened alert state.
“Russian hackers doesn’t necessarily mean Russian state hackers, nor does it exclude that conclusion. The language coming out of the White House will be very calculated when it comes to attribution.”
Craig Young, security researcher, Tripwire writes:
“We have become accustomed to hearing from retailers that third parties uncovered a breach but hearing this from the White House is more than a little unsettling. Generally it is nearly impossible to attribute attacks with 100% certainty but if the Kremlin is in fact implicated in this attack it could have stark ramifications on diplomatic ties between the US and Russia. The biggest question in my mind however is how the white house did come to learn of the breach and what indicators are casting suspicion on Russia.”