Sources close to the investigation say U.S. State Department used as stepping-stone U.S. officials, who have been briefed on the investigation so far, have told CNN that Russian hackers used their access after compromising the U.S. State Department to target sensitive information on the unclassified White House network.Last October, a White House official told Reuters that suspicious activity had been detected on the Executive Office of the President (EOP) network.The incident was blamed for an outage on the EOP network a week prior to the story breaking, somewhat aligning with statements given to the Washington Post by officials who noted that the problems on the unclassified network were caused by hackers out of Russia.CNN’s story however, adds new details to the previous coverage. While the blame is still centered on actors out of Russia, the unclassified network that was breached held sensitive information the hackers are said to have had access to, including real-time non-public details of the president’s schedule. While the president’s schedule isn’t classified, it’s still a type of information that intelligence and administration officials would rather not be shared with someone outside of the loop.The White House intrusion is said to have been possible, because the same group of actors had previously compromised the email systems at the U.S. State Department. Around the same time that officials in the White House noticed suspicious activity, the State Department was also investigating a similar incident. Investigators told CNN that the actors had “owned” the State Department for months, and it isn’t clear if their access has been completely removed. Given the access, investigators believe that someone at the White House fell for a Phishing attack, which resulted in the additional breach.Shortly before both incidents last October, FireEye released a report focused on APT28, a group believed to be from Russia known for using Spear Phishing as one of their tactics. They’ve been active for at least six years, and focus their energy on targets that are of interest to the Russian government.“APT28’s characteristics—their targeting, malware, language, and working hours—have led us to conclude that we are tracking a focused, long-standing espionage effort. Given the available data, we assess that APT28’s work is sponsored by the Russian government,” the FireEye report concluded. Related content news Gwinnett Medical Center investigating possible data breach After being contacted by Salted Hash, Gwinnett Medical Center has confirmed they're investigating a security incident By Steve Ragan Oct 02, 2018 6 mins Regulation Data Breach Hacking news Facebook: 30 million accounts impacted by security flaw (updated) In a blog post, Facebook’s VP of product management Guy Rosen said the attackers exploited a flaw in the website's 'View As' function By Steve Ragan Sep 28, 2018 4 mins Data Breach Security news Scammers pose as CNN's Wolf Blitzer, target security professionals Did they really think this would work? By Steve Ragan Sep 04, 2018 2 mins Phishing Social Engineering Security news Congress pushes MITRE to fix CVE program, suggests regular reviews and stable funding After a year of investigation into the Common Vulnerabilities and Exposures (CVE) program, the Energy and Commerce Committee has some suggestions as to how it can be improved By Steve Ragan Aug 27, 2018 3 mins Vulnerabilities Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe