Yesterday news broke that an unclassified system at the White House Military Office was breached via a spear phish attack. The news of this attack is not surprising at all. Our government networks are under non-stop targeted attacks and some of these attacks will eventually compromise the intended victim. The reports that we’ve seen indicate that it was an unclassified network that was compromised. These types of systems are connected directly to the Internet, and wouldn’t be considered mission critical systems, so if that’s all that was compromised, many of the reports are greatly exaggerated.
Unclassified networks can contain For Official Use Only (FOUO) information, which could be used to gather information for foreign intelligence. These types of networks may have information on logistics related to troop movements and supply chain. Critical networks and systems should be air gapped from this network which should make it hard for foreign attackers to directly compromise and exfiltrate data from our most secure networks.