A cyber attack aimed at the US government last year has turned out to be more intrusive than originally thought, as the Russian hackers behind the incident are said to have compromised private emails sent by President Barack Obama.
This is according to a new report in the New York Times, which said that while the attack did not access the most highly confidential correspondence, servers containing unclassified email archives from the White House were affected by the incident, which penetrated deep into the State Department's systems.
Although officials insisted no classified servers were impacted, they conceded that the unclassified system still routinely handled sensitive information. This was said to potentially include schedules, email exchanges with ambassadors and diplomats, discussions of pending personnel moves and legislation, and some debate about policy.
One White House official briefed on the investigation into the attack described those behind it as one of the "most sophisticated actors we've seen", the New York Times said. Another source added that the Russian connection was particularly worrying, given the current political tensions between the two nations.
The incident should serve as a warning to all organisations of the risks of storing and transferring highly sensitive data across insecure networks.
Commenting on the report, Encode UK's Tony Marques observed that it is a major challenge for organisations to manage the human factors needed to support operational agility in today's digitally-focused world.
"Having classified documents held on unclassified systems is a symptom of this challenge not being met," he continued. "Hackers thrive on technical complexity and human factor shortfalls."
The Russian hackers recognised this when planning their attack, so addressing this weakness needs to be something businesses consider when analysing their defences. Mr Marques noted that balancing the human factor with technology complexity and business agility can be achieved through enterprise document classification solutions that are capable of intercepting user actions on documents and emails based on their content and context.
"Such a system would apply policies (containing network and file operation rules) enforced at the operating system kernel level," he continued. "This ensures consistent and robust operation across an enterprise. Combined with protective monitoring operated by a 24/7 Security Intelligence driven Security Operations centre (SOC), the embarrassing White House breach would be far less likely to happen."