- The Washington Times - Sunday, November 9, 2014

On his weeklong trip to Asia that begins Monday, President Obama will meet face to face with two foreign leaders whose countries are believed to be responsible for many of the recent cyberattacks against the U.S. — Russian President Vladimir Putin and Chinese President Xi Jinping.

Mr. Obama is starting the trip just after the Department of Homeland Security revealed that a destructive Trojan horse malware program has penetrated the software that runs much of the critical U.S. infrastructure and could cause an economic catastrophe. The hackers are believed to have been sponsored by Moscow.

The malware program puts at risk systems such as nuclear power plants and power grids, national security sources told ABC News. The Department of Homeland Security released a bulletin on the “BlackEnergy” malware, which is connected to Russia’s “Sandworm Team.”

Russia also is suspected in an attack on the White House’s unclassified computer network last month.

White House National Security Adviser Susan E. Rice said Mr. Obama probably will talk informally with Mr. Putin at a summit in Australia, although she didn’t say whether the digital attacks would be discussed. She did say Mr. Obama plans to talk about hacking with Mr. Xi in China.

“Clearly, the issues of cybersecurity will be prominent on our bilateral agenda,” Ms. Rice said of the Chinese meeting. “This is a source of grave concern to the United States. We have reiterated on every occasion the fact that we oppose any efforts, official or unofficial, to engage in cyberespionage for commercial gain or other purposes.”




Theresa Payton, who served as White House chief information officer in the George W. Bush administration, said the subject is appropriate for bilateral talks because governments usually deny involvement in cyberattacks.

“These are discussions that need to happen at the head-of-state level, with a gentleman’s agreement between the different countries about what are acceptable and unacceptable levels of testing friendships and ‘frenemy-ships,’” she said. “Heads of state have to have those discussions.”

Ms. Payton, founder of security and risk consulting company Fortalice LLC, said the White House is a prime target of hacking.

“I’m not surprised [about the Russian attack]. Obviously, I’m dismayed as a patriot of this country,” she said in an interview. “The White House at times is one of the most attacked websites. When you’re under attack, you have to get it right every day, and [hackers] only have to get it right once.”

Ms. Payton said the federal government is taking the problem seriously and is routinely running tabletop exercises to simulate cyberattacks and figuring out how to restore systems quickly. But she is concerned that administration officials might not be keeping up with the hackers’ ingenuity.

“Every year, the bad actors, whether they are considered government-sponsored or whether they are organized crime, they’re upping their game,” she said. “Every time we release a new technology for security, the first thing they start to do is figure out how to break it.

“My question would be: Have we deployed unique, creative and innovative ways of approaching this problem? We’ve got to be creative, we have to be out-thinking them and outsmarting them.”

She said the government employs “the best and the brightest,” but “all technology is hackable.”

Hackers are adept at using social engineering, whether it’s a user’s social media habits or a tendency to use outdated software, to find a way into a network.

Although White House officials asserted that classified systems were not compromised, Ms. Payton said, there is plenty of reason to be concerned.

“I would caution everybody that social engineering on the unclassified side could potentially be a way to try to pick the locks on the classified side,” she said. “Everybody should be on heightened awareness.”

The Homeland Security Department said BlackEnergy is the same malware that Sandworm used to target NATO and some energy and telecommunications companies in Europe this year.

“Analysis of the technical findings in the two reports shows linkages in the shared command and control infrastructure between the campaigns, suggesting both are part of a broader campaign by the same threat actor,” the Homeland Security bulletin said.

The advanced hacking software allows designated workers to control various industrial processes through computers, iPads or smartphones, ABC reported.

Ms. Payton said government agents should be able to trace the malware’s origins now that it has been discovered.

“The good news is we know they’re there,” she said. “It appears to be that a lot of the malware was inserted as sort of ‘sleeper’ cells. Now that we know they’re there, we can study the programming, do some reverse engineering, probably identify who the actors are who created the software, because they tend to have a style of programming that has a profile. You try to match it back to, ‘Are these cyberguns for hire, or are they part of a different group, or are they lone-wolf actors?’”

The cyberattacks have implications for average citizens, too, with businesses such as JPMorgan Chase & Co. and Home Depot Inc. having been compromised in recent months. Ms. Payton advises people to be stingy about giving out personal data such as date of birth and ZIP code, and to protect personal email addresses zealously.

“Think differently about the data you willingly give up each day,” she said. “And guard your email address. It’s what attaches you to your bank account, your health care, to your kids’ school.”

• Dave Boyer can be reached at dboyer@washingtontimes.com.
