According to the New York Times, senior American officials revealed that a group of Chinese hackers violated the computer networks of the United States government agency in March. The Chinese bad actors hacked US government systems earlier this year accessing the files of thousands of Federal employees who have applied for top-level security clearances.
The data exposed during the attack include the list employees’ foreign contacts, personal information and previous jobs. The Times reported that an unnamed senior official claimed the recent attack was traced back to China, without giving any information regarding the possibility that there were state-sponsored hackers behind the offensive.
“Chinese hackers in March broke into the computer networks of the United States government agency that houses the personal information of all federal employees, according to senior American officials. They appeared to be targeting the files on tens of thousands of employees who have applied for top-secret security clearances.” states the NYT.
According to the revelations of a Government spokesperson the attack was detected by a monitoring system which “alerted to a potential intrusion of our network in mid-March.”
Alleged Chinese hackers gained access to some of the databases managed by the Office of Personnel Management. The official confirmed that the incident has been assigned to an emergency response team “to assess and mitigate any risks identified.”
According to the NYT the cyber attack is very disturbing due the target chosen by hackers, the media agency refers a system called e-QIP used to archive personal information, including financial data, on federal employees having security clearances.
“Federal employees who have had security clearances for some time are often required to update their personal information through the website. The agencies and the contractors use the information from e-QIP to investigate the employees and ultimately determine whether they should be granted security clearances, or have them updated.”states the NYT.
This is just one of the numerous cyber attacks observed on both sides, Chinese and US governments have significant cyber capabilities and both repeatedly exchanged accusations for cyber espionage activities.
Last week, researchers at CrowdStrike revealed that the hacking team dubbed Deep Panda is targeting US think thank firms with a significant knowledge on the Iraqi situation, the circumstance confirms the high propensity of Chinese authorities in cyber espionage as Intelligence practices.
The cyber incursions are not limited to Intelligence and the military, practically every industry is daily targeted by Chinese hackers, according reports produced by principal security firms like Mandiant-Fire Eye and CrowdStrike.
The NYT remarked that it is crucial information sharing on threats and incidents observing that despite US officials have encouraged businesses to share data related to data breaches with each other and the government offices, in this specific case US military omitted to disclose the information on the cyber attack.
“The administration has never advocated that all intrusions be made public. We have advocated that businesses that have suffered an intrusion notify customers if the intruder had access to consumers’ personal information. We have also advocated that companies and agencies voluntarily share information about intrusions.” is the reply provided by Caitlin Hayden, an Obama administration spokeswoman.
Security Affairs – (Chinese hackers, US)