Malicious code Russians reportedly used to jimmy open a White House network and malware Chinese hackers reportedly used to rupture insurer Anthem’s network were similar — and free, according to new research.
The worms also were delivered the same way, via phishing emails that looked legitimate, but actually baited recipients into opening a malicious file.
The hackers’ success in each case underscores how conventional hacking techniques still work against skilled professionals at high-security organizations, said Patrick Belcher, a director at cyber firm Invincea. He co-wrote a paper detailing the initial penetrations at the White House and Anthem.
“These aren’t just any dumb users,” Belcher said. “The top-notch security professionals, they failed in their jobs to not open suspicious email links.” Neither Anthem nor the White House has detailed how its systems were initially breached.
At Anthem, a bogus message in December 2014 tricked the recipient into installing what appeared to be an authentic Citrix software update that was really an infected file, according to past research. And last fall, at “the White House, it was a stupid video from the Super Bowl like three years ago floating around in the office,” Belcher said.
A hacked State Department email account reportedly was the source of the phishing email that landed at the White House. Incidentally, State in March invited all federal security employees to participate in a 90-minute phishing email workshop.
“There was no expense to the cost…