Was Russia really behind White House hack?

The Capitol Building

Security experts have aired doubts over claims Russia was behind dangerous hacks on the White House's computer systems.

Hackers got their hands on sensitive White House data including President Barack Obama's schedule last October, and todayCNN blamed Russia for the attacks, citing anonymous US officials as sources.

The site claims the hackers routed their attacks through computers across the globe, and while classified systems were untouched, the White House admitted its unclassified network was breached - subsequently pulling it offline numerous times for security upgrades.

Agencies including the FBI and the Secret Service are now investigating the breach, and are pointing the finger at Russia, according to CNN.

However, the National Security Council declined to confirm the claims, and security analysts have voiced reservations over accusing Russia without clear proof.

Graham Cluley, an independent computer security analyst, said that CNNis likely connecting the Russian hackers to a cybercrime operation called Operation Pawn Storm, undertaken last October.

Pawn Storm hit government, military and media targets in the US, Europe and Pakistan with spearphishing and malware attacks.

As they also targeted anti-Russian dissidents, he said it would be no surprise to see Russia as a likely suspect.

However, Cluley added in a blog post: "Even if fingers of suspicion are pointing towards Russia, that's very different from having convincing proof that Moscow is behind the hack.

"Attribution of internet attacks is notoriously difficult and much harder than the average man in the street (and possibly politician) imagines, which is certainly a frustration for news reporters who wish to tie up a story with a simple bow."

He warned against casting Russia as the villain so quickly, following sceptics condemning the US for blaming North Korea for last year's huge hack into Sony Pictures.

The FBI publicly blamed North Korea, but experts pointed out plenty of holes in the agency's reasoning.

"We shouldn't jump too easily behind headlines claiming that the Russian government is behind this latest hack of the White House either," said Cluley.

Dwayne Melancon, CTO at IT security firm Tripwire, agreed. "Attribution is difficult. A savvy attacker can not only cover their tracks, they can often mislead you into believing someone else is behind the attacks," he said."I hope the White House has strong evidence to claim Russian responsibility."

What happens next?

CNN's report appeared after President Obama announced his intention to use tougher measures to deter foreign hackers at the start of the month.

"The increasing prevalence and severity of malicious cyber-enabled activities originating from, or directed by, persons located, in whole or in substantial part, outside the US constitute an unusual and extraordinary threat to the national security, foreign policy and economy of the US. I hereby declare a national emergency to deal with this threat," Obama announced.

The sanctions include limiting foreign countries' access to American financial systems and technology.

However, the US hasn't publicly labelled Russia as the culprit behind the White House attacks, and presumably would have to do so to justify any sanctions.

With relations tense between the two countries, the US may choose to deal privately with the matter, without resorting to sanctions.

In that case, WhiteHat Security founder Jeremiah Grossman said the US must concentrate on improving its security as well as legislating against hackers.

"Whatever new legislation the White House or Congress isplanning, does it have any chance of preventing this kind of incidentfrom happening again?" he said.