It is no surprise that the White House is an obvious target for hackers wanting to prove a point, and now the Syrian Electronic Army (SEA) has reportedly compromised three personal email accounts of White House staff over the weekend.
An SEA hacker told ex-Reuters editor Matthew Keys that the Google Mail accounts of three White House staff members — Erin Lindsay, Macon Phillips and Adam Garber — were phished as part of a larger campaign to compromise official social media accounts used by the White House.
However, the group did not succeed eventually in taking control of any official White House email addresses or social media profiles.
The SEA reportedly hoped that accessing the personal Gmail accounts could help them impersonate White House staff members, which would let them send phishing emails to official White House email addresses and then compromise its social media profiles.
However, the SEA’s campaign came to a premature end when an unidentified White House staffer came to know of the attack, and emailed the team to warn them about it.
The hacking group also claims to have gotten its hands on messages forwarded by Lindsay from her White House email address to her Gmail account — which included what appeared to be passwords that might have given the group access to the Twitter and Facebook accounts of the White House.
But the report noted that White House staffers apparently change the passwords of the White House official social media accounts almost every day — and the passwords sent from Lindsay’s White House email account to her Gmail already expired by the time the SEA accessed her inbox.
The SEA is a group of hackers based in the Middle Eastern country that is waging an online war against the government’s detractors.
The group’s previous hacking attempts have been pretty much successful — last year, an attack on news network Al Arabiya saw the group hack into the news network’s social media accounts, spreading false information about an explosion in Qatar, as well as the sacking of the Qatari Prime Minster and Foreign Minister.
Earlier this year, the Financial Times website and many of its related Twitter accounts were compromised by the SEA, which followed a similar cyber attack carried out by the group on three Twitter accounts run by the BBC and access to the National Public Radio (NPR) website, where it changed a number of article headlines. The group also gained access to 11 accounts owned by The Guardian newspaper.
Update: Keys reports confirmation that the FBI is now investigating the incident.
This post has been edited to remove a suggestion that Keys’ indictment in a separate hacking case was related to his approachability to other hackers and this case.
Headline image via Thinkstock