Last summer, hackers with suspected Russian-government backing were able to breach computer network security at the State Department, then use that as a jumping-off point to later hack into the network of the White House itself — though not until earlier this month did the public learn about the White House hacking.
At the time, it was reported that the hackers had gained illicit real-time access to information including non-public details of the president's own daily schedule. However, although they were able to get such sensitive data, White House spokespeople said the hackers were unable to get any classified data, including national security-related information. (In government-security terms, the words “sensitive” and “classified” have distinctly different meanings.)
But this Saturday, the New York Times reported that last summer's White House hacking went deeper than previously admitted, with the hackers even getting access to some of President Obama's email correspondence, according to unnamed “senior American officials.”
That said, White House officials still maintain that the hackers never accessed any classified information. (Most senior officials have two different work computers connected to two different networks: one connected to a highly secure classified network, and another connected to the outside world's Internet for unclassified communication.)
The problem is that despite those dual networks, classified and unclassified communications still aren't segregated as strictly as they should be; certain sensitive (though not officially “classified”) communications still end up going through the unclassified Internet connections, including schedules and email exchanges with diplomats and ambassadors.
An anonymous official told the Times that the hacking “has been one of the most sophisticated actors we’ve seen,” while another official admitted, “It’s the Russian angle to this that’s particularly worrisome.”
Last week, in a possibly unrelated incident, researchers at the FireEye cybersecurity firm announced their discovery of certain zero-day software flaws which had been exploited by hackers from a Russian espionage campaign to spy on American defense contractors, NATO officials and diplomats, and others in whom Russia's government might take a particular interest.
Not just Russia
But Russia's is not the only foreign government suspected of supporting such illicit cyberwarriors. Last November, for example, the United States Postal Service admitted that hackers (with suspected connections to the Chinese government) breached the USPS database and stole the names, addresses, Social Security numbers, emergency contacts and similar information for all post office employees.
At the time, security experts said they suspected that the USPS hackers were the same people behind last July's hacking of the federal Office of Personnel Management; those hackers managed to steal data on up to 5 million government employees and contractors who hold security clearances.
The Chinese are also suspected of involvement in the Anthem insurance company hacking announced in February – possibly because a lot of defense contractors, including employees of Northrop Grumman and Boeing, get their insurance coverage through Anthem.
However, the Chinese government has denied all such allegations, and points out that hacking is illegal under Chinese law. The Russian government has not admitted to involvement in any of the American hacking incidents, either.