China in focus as cyber attack hits millions of US federal workers

0
172

Hackers broke into US government computers, possibly compromising the personal data of 4 million current and former federal employees, and investigators were probing whether the culprits were based in China, US officials said on Thursday.

Cyber investigators linked the breach to earlier thefts of healthcare records from Anthem Inc, the second largest US health insurer, and Premera Blue Cross, a healthcare services provider.

In the latest in a string of intrusions into US agencies’ high-tech systems, the Office of Personnel Management (OPM) suffered what appeared to be one of the largest breaches of information ever on government workers. The office handles employee records and security clearances.

A US law enforcement source told Reuters a “foreign entity or government” was believed to be behind the cyber attack. Authorities were looking into a possible Chinese connection, a source close to the matter said.

A Chinese Foreign Ministry spokesman said such accusations had been frequent of late and were irresponsible. Hacking attacks were often cross-border and hard to trace, he said.

The FBI said it was investigating and aimed to bring to account those responsible.

Several US states were already investigating a cyber attack on Anthem in February that a person familiar with the matter said is being examined for possible ties to China.

John Hultquist of Dallas-based iSight Partners told Reuters that the latest attack on OPM and the earlier breaches at Anthem and Premera Blue Cross appear to have been the work of cyber espionage hackers working on behalf of a state, not those focused on cybercrime.

He said they may have widened their net to gather personally identifiable information for more elaborate, finely-tuned attacks in the future. “This is usually done by criminals, but based on their behavior, we believe these are espionage actors,” said Hultquist.

Malicious activity:

OPM detected new malicious activity affecting its information systems in April and the Department of Homeland Security said it concluded at the beginning of May that the agency’s data had been compromised and about 4 million workers may have been affected.

The agencies involved did not specify exactly what kind of information was accessed.

The breach hit OPM’s IT systems and its data stored at the Department of the Interior’s data center, a shared service center for federal agencies, a DHS official said on condition of anonymity. The official would not comment on whether other agencies’ data had been affected.

OPM had previously been the victim of another cyber attack, as have various federal government computer systems at the State Department, the US Postal Service and the White House.

Chinese hackers were blamed for penetrating OPM’s computer networks last year, and hackers appeared to have targeted files on tens of thousands of employees who had applied for top-secret security clearances, the New York Times reported last July, citing unnamed US officials.

“The FBI is working with our inter-agency partners to investigate this matter,” the bureau said in a statement. “We take all potential threats to public and private sector systems seriously, and will continue to investigate and hold accountable those who pose a threat in cyberspace.”

The US government has long raised concerns about cyber spying and theft emanating from China and has urged Beijing to do more to curb the problem.

Chinese Foreign Ministry spokesman Hong Lei told a regular daily news briefing in Beijing that China hoped the United States would have more trust and cooperate more.

“Without first thoroughly investigating, always saying that ‘it’s possible’, this is irresponsible and unscientific,” said Hong.

There was no comment from the White House.

Since the intrusion, OPM said it had implemented additional security precautions for its networks. It said it would notify the 4 million employees and offer credit monitoring and identity theft services to those affected.