Skip to content
Naked Security Naked Security

White House hackers read emails from President Obama, Russia blamed

In addition to acquiring the president's itinerary, hackers also managed to access some of his email correspondence when they penetrated a White House unclassified system in October, according to a news outlet.

Obama. Image courtesy of Christopher Halloran/ShutterstockA breach at the White House last year was far more serious than first thought, according to the New York Times.

Quoting fully briefed officials, reporters Michael S. Schmidt and David E. Sanger said in addition to acquiring the president’s itinerary, hackers also managed to access some of his email correspondence when they penetrated a White House unclassified system in October.

The breach, which the officials described as being “far more intrusive and worrisome than has been publicly acknowledged,” didn’t reach far enough to access the content on President Obama’s Blackberry phone or any classified information and networks.

But the unclassified network that was breached gave the attackers access to the email archives of people that Obama corresponds with, which included emails that the president had sent and received.

The New York Times report says many White House officials have two computer systems in their offices:

One operating on a highly secure classified network and another connected to the outside world for unclassified communications.

Unfortunately, according to the Times, many officials often use the unclassified network to send data that should in fact be communicated by the more secure system, such as:

Schedules, email exchanges with ambassadors and diplomats, discussions of pending personnel moves and legislation, and, inevitably, some debate about policy.

Obama’s classified communications, however, are mostly given orally or in writing – sometimes using an iPad connected to the classified network – and typically limited to the Oval Office or Situation Room.

Following the discovery of the breach in October, the unclassified email system was severely curtailed until administrators were able to confirm that the intruders no longer had access, with one official telling the New York Times that the intrusion was deemed so serious that officials met daily for several weeks after it was discovered.

While the White House systems were given the all clear at the end of October, the State Department continued to experience its own breach, the severity of which led to an unusual workaround:

The disruptions were so severe that during the Iranian nuclear negotiations in Vienna in November, officials needed to distribute personal email accounts, to one another and to some reporters, to maintain contact.

Though there is no official word from the White House, unnamed officials did tell the Times that those behind the attack were highly likely to be Russian citizens either with links to the government or direct backing from Russia, with one quoted as saying:

It’s the Russian angle to this that’s particularly worrisome.

Despite recent high profile finger wagging at North Korea over the Sony hack, and Iran after the Sands Casino was attacked, the incursion at the White House has prompted no such response, despite coming at a time of increased political tension with Russia over its annexation of Crimea, increased military patrols in Europe and a buildup of troops in Ukraine.

Internally, the attack has raised questions surrounding the protection of electronic devices used by a president who is far more willing to engage with the latest technology than his predecessor, George W. Bush, who was known not to use email at all.

While it’s unlikely that Obama has been advised to ditch his smartphone altogether, one close associate was quoted as saying the president had sent significantly fewer emails in the six months since the attack came to light.

Image of Obama courtesy of Christopher Halloran /


The solution is to decrease the use of technology in sending classified data (e.g. like don’t send emails), and start using slow, but secure data communication (e.g. paper letters, etc.).


I don’t think new-fangled things like paper are secure enough – all communications should take place in person, in whispers in the middle of a field surrounded by fountains; all important data should only be kept in the minds of trained memory experts, stored in an underground bunker.


Just a thought, but fountains are usually set in the middle of urban spaces (or as centrepieces in formal gardens). You might struggle to find them around the edges of fields.

Wouldn’t next to a river or at the seashore be a more practicable alternative?


I find it incredibly stupid that somehow the President’s schedule is “unclassified”. Really everyone at the White House needs a better understanding of computer security.


Remember reading an article a year or so ago that due to all the hacking incidents the Russian Gov’t had purchased a large quantity of typewriters to go low tech.

Does anyone really believe that any gov’t & military network systems are impenetrable?


Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?
You’re now subscribed!