Russian Hackers Read Obama’s Unclassified Emails, Officials Say
By MICHAEL S. SCHMIDT and DAVID E. SANGER

WASHINGTON — Some of President Obama’s email correspondence was swept up by Russian hackers last year in a breach of the White House’s unclassified computer system that was far more intrusive and worrisome than has been publicly acknowledged, according to senior American officials briefed on the investigation.

The hackers, who also got deeply into the State Department’s unclassified system, do not appear to have penetrated closely guarded servers that control the message traffic from Mr. Obama’s BlackBerry, which he or an aide carries constantly.

But they obtained access to the email archives of people inside the White House, and perhaps some outside, with whom Mr. Obama regularly communicated. From those accounts, they reached emails that the president had sent and received, according to officials briefed on the investigation.

White House officials said that no classified networks had been compromised, and that the hackers had collected no classified information. Many senior officials have two computers in their offices, one operating on a highly secure classified network and another connected to the outside world for unclassified communications.

But officials have conceded that the unclassified system routinely contains much information that is considered highly sensitive: schedules, email exchanges with ambassadors and diplomats, discussions of pending personnel moves and legislation, and, inevitably, some debate about policy.

Officials did not disclose the number of Mr. Obama’s emails that were harvested by hackers, nor the sensitivity of their content. The president’s email account itself does not appear to have been hacked. Aides say that most of Mr. Obama’s classified briefings — such as the morning Presidential Daily Brief — are delivered orally or on paper (sometimes supplemented by an iPad system connected to classified networks) and that they are usually confined to the Oval Office or the Situation Room.

Still, the fact that Mr. Obama’s communications were among those hit by the hackers — who are presumed to be linked to the Russian government, if not working for it — has been one of the most closely held findings of the inquiry. Senior White House officials have known for months about the depth of the intrusion.

“This has been one of the most sophisticated actors we’ve seen,” said one senior American official briefed on the investigation.

Others confirmed that the White House intrusion was viewed as so serious that officials met on a nearly daily basis for several weeks after it was discovered. “It’s the Russian angle to this that’s particularly worrisome,” another senior official said.

While Chinese hacking groups are known for sweeping up vast amounts of commercial and design information, the best Russian hackers tend to hide their tracks better and focus on specific, often political targets. And the hacking happened at a moment of renewed tension with Russia — over its annexation of Crimea, the presence of its forces in Ukraine and its renewed military patrols in Europe, reminiscent of the Cold War.

Inside the White House, the intrusion has raised a new debate about whether it is possible to protect a president’s electronic presence, especially when it reaches out from behind the presumably secure firewalls of the executive branch.

Mr. Obama is no stranger to computer-network attacks: His 2008 campaign was hit by Chinese hackers. Nonetheless, he has long been a frequent user of email, and publicly fought the Secret Service in 2009 to retain his BlackBerry, a topic he has joked about in public. He was issued a special smartphone, and the list of those he can exchange emails with is highly restricted.

When asked about the investigation’s findings, the spokeswoman for the National Security Council, Bernadette Meehan, said, “We’ll decline to comment.” The White House has also declined to provide any explanations about how the breach was handled, though the State Department has been more candid about what kind of systems were hit and what it has done since to improve security. A spokesman for the F.B.I. declined to comment.

Officials who discussed the investigation spoke on the condition of anonymity because of the delicate nature of the hacking. While the White House has refused to identify the nationality of the hackers, others familiar with the investigation said that in both the White House and State Department cases, all signs pointed to Russians.

On Thursday, Secretary of Defense Ashton B. Carter revealed for the first time that Russian hackers had attacked the Pentagon’s unclassified systems, but said they had been identified and “kicked off.” Defense Department officials declined to say if the signatures of the attacks on the Pentagon appeared related to the White House and State Department attacks.

The discovery of the hacking in October led to a partial shutdown of the White House email system. The hackers appear to have been evicted from the White House systems by the end of October. But they continued to plague the State Department, whose system is much more far-flung. The disruptions were so severe that during the Iranian nuclear negotiations in Vienna in November, officials needed to distribute personal email accounts, to one another and to some reporters, to maintain contact.

Earlier this month, officials at the White House said that the hacking had not damaged its systems and that, while elements had been shut down to mitigate the effects of the attack, everything had been restored.

One of the curiosities of the White House and State Department attacks is that the administration, which recently has been looking to name and punish state and nonstate hackers in an effort to deter attacks, has refused to reveal its conclusions about who was responsible for this complex and artful intrusion into the government. That is in sharp contrast to Mr. Obama’s decision, after considerable internal debate in December, to name North Korea for ordering the attack on Sony Pictures Entertainment, and to the director of national intelligence’s decision to name Iranian hackers as the source of a destructive attack on the Sands Casino.

This month, after CNN reported that hackers had gained access to sensitive areas of the White House computer network, including sections that contained the president’s schedule, the White House spokesman, Josh Earnest, said the administration had not publicly named who was behind the hack because federal investigators had concluded that “it’s not in our best interests.”

By contrast, in the North Korea case, he said, investigators concluded that “we’re more likely to be successful in terms of holding them accountable by naming them publicly.”

But the breach of the president’s emails appeared to be a major factor in the government secrecy. “All of this is very tightly held,” one senior American official said, adding that the content of what had been breached was being kept secret to avoid tipping off the Russians about what had been learned from the investigation.

Mr. Obama’s friends and associates say that he is a committed user of his BlackBerry, but that he is careful when emailing outside the White House system.

“The frequency has dropped off in the last six months or so,” one of his close associates said, though this person added that he did not know if the drop was related to the hacking.

Mr. Obama is known to send emails to aides late at night from his residence, providing them with his feedback on speeches or, at times, entirely new drafts. Others say he has emailed on topics as diverse as his golf game and the struggle with Congress over the Iranian nuclear negotiations.

George W. Bush gave up emailing for the course of his presidency and did not carry a smartphone. But after Mr. Bush left office, his sister’s email account was hacked, and several photos — including some of his paintings — were made public.

The White House is bombarded with cyberattacks daily, not only from Russia and China. Most are easily deflected.

The White House, the State Department, the Pentagon and intelligence agencies put their most classified material into a system called Jwics, for Joint Worldwide Intelligence Communications System. That is where top-secret and “secret compartmentalized information” traverses within the government, to officials cleared for it — and it includes imagery, data and graphics. There is no evidence, senior officials said, that this hacking pierced it.

美總統電郵 俄駭客看光光

紐約時報廿五日根據白宮調查簡報報導，白宮非機密電腦系統去年疑遭俄羅斯駭客入侵，總統歐巴馬的部分非機密電子郵件遭擷取。

白宮官員說，駭客入侵白宮及國務院的非機密系統，但未滲透到控制歐巴馬黑莓機訊息的伺服器，機密網路也未受影響。許多高官辦公室內有兩台電腦，一台透過高度機密網路運作，另一台連結外部網路，用來傳送非機密通訊。不過，這些非機密系統內的資訊也相當敏感，包括行程、與大使等外交官通訊的電郵、人事調動、法案及政策討論等。

官員不願透露駭客擷取幾封歐巴馬的電郵。歐巴馬幕僚透露，大多數機密簡報均透過口述或以紙本呈交給總統，或透過連結加密網路的iPad系統傳送，這類簡報通常只會出現在橢圓形辦公室或戰情室。

白宮官員認為，駭進白宮網路的駭客恐與俄國有關，或為俄國政府工作。白宮官員說：「正因為俄國角度，讓人更加憂慮。」

大陸駭客慣於搜括商業及技術資訊，俄國駭客則專精政治目標。資訊人員去年十月察覺白宮及國務院電郵系統遇駭，駭客十月底即「撤出」白宮網路，但仍潛伏在國務院網路內一段時間。這段時間恰逢美俄關係因克里米亞、烏克蘭東部動盪而緊張之際，駭客入侵引人聯想。

白宮拒絕透露駭客國籍，國安局、國務院及聯邦調查局均拒絕置評；消息人士說，所有跡象均指向俄國。美國此次一反過去公開指責北韓駭客攻擊索尼影業、批評伊朗駭客入侵金沙賭場的做法，以「不符合最大利益」為由，對駭客身分保密。

這不是歐巴馬電郵首次遇駭，他的電郵在2008年競選時就被大陸駭客攻擊。歐巴馬本人非常愛用電子郵件，他曾為了保有方便收發電郵的黑莓機，在2009年公開槓上秘勤局，他最後得到一支特製黑莓機。

原文參照：
http://www.nytimes.com/2015/04/26/us/russian-hackers-read-obamas-unclassified-emails-officials-say.html

紐約時報中文版翻譯：
http://cn.nytimes.com/usa/20150427/c27hack/zh-hant/

2015-04-27．聯合報．A13．國際．編譯陳韻涵