For nearly a year, starting in June 2014, hackers thought to be Chinese accessed security clearance information on millions of current and past federal employees.
Given the scale of that breach, you might think that combating cyberwarfare would be a top priority for U.S. officials during talks with their Chinese counterparts, including a two-day meeting that concludes Wednesday in Washington.
Not necessarily so. While the U.S. side is sure to raise concerns over hacking of the Office of Personnel Management, few analysts think anything of substance will be announced this week. China denies it is behind the OPM hacking, and Obama administration officials are clearly embarrassed it happened so easily, and over such a long period.
Moreover, U.S. officials have been trying to focus their cyber discussions with China on economic espionage – the stealing of trade secrets and intellectual property – as opposed to the kind of spying that both countries have been known to practice.
“There is this whole problem that the OPM hack looks like traditional espionage,” said Adam Segal, a cybersecurity specialist with the Council on Foreign Relations in Washington. “The administration doesn’t seem all that excited about calling China out on this one, because it is trying to fight against the norm of stealing intellectual property.”
The Office of Personnel Management has been the target of two recently disclosed hacking incidents. One, discovered in April, compromised a database containing Social Security numbers and other information for about 4.1 million current and past federal employees. The other, disclosed this month, was even more serious – possibly capturing the information federal employees must reveal when seeking security clearances.
At the very least, hackers could use this detailed information to design custom-made “spear-phishing” emails that could lure federal employees into opening seemingly benign messages, allowing hackers to breach other computer systems.
But the more recent hack also opens the door for traditional espionage, including pressuring employees into revealing secrets, say Segal and others. When seeking security clearances, federal employees must disclose sensitive information they might want to keep from spouses or family. They also have to reveal any contacts with foreign nationals, no matter how casual.
If Chinese officials were involved, “they could use this data to target federal employees for blackmail and coercion,” Segal said. “They could also use this data to target Chinese who have been talking to U.S. officials.”
For its part, Beijing denies any role in the OPM hack, and it has taken offense at media reports that cite unnamed administration officials saying that China was responsible. In the past, China has accused the United States of hypocrisy on the issue, partly because of NSA contractor Edward Snowden’s revelations about U.S. cyberspying in China and other countries. Such disclosures continue to come to light.
On Monday, a website called the Intercept reported that U.S. and British cyber hackers attempted to infiltrate Russian, Czech and Chinese anti-virus software to gain access to networks and track users.
The Chinese mobile security company Antiy was one of the companies targeted, according to the Intercept, a website started by journalist Glenn Greenwald to report on documents leaked by Snowden.
In a teleconference briefing on Monday, a senior State Department official told reporters that cyber issues will certainly be discussed at this week’s Strategic Security Dialogue, an annual U.S.-Sino meeting that has been held for the last six years. This year’s talks, which began Tuesday and end Wednesday, include Secretary of State John Kerry and Treasury Secretary Jacob Lew and their Chinese counterparts, Vice Premier Wang Yang and State Councilor Yang Jiechi.
“Some of the (hacking) revelations are fairly recent, and those will certainly be talked about in very direct terms, both at the Strategic Security Dialogue, but also in all of the other sort of tracks where we have a chance to raise these issues,” said the official, who agreed to talk to reporters on the condition of anonymity.
U.S. officials say they are particularly concerned about Chinese military units reportedly assigned to hack into U.S. companies to steal intellectual property for the benefit of Chinese industries.
The Obama administration sees this activity as separate from traditional spying, and last year it indicted five members of the People’s Liberation Army for industrial espionage.
Segal said the U.S.-Sino talks may well produce some kind of upbeat announcement, perhaps on a bilateral investment treaty. But the two sides don’t appear ready to seriously engage on cyber concerns, he said.
He also expressed doubts the administration is taking steps to prevent further breaches of government computers. Last week, the White House announced a “30-day cyber security sprint” to shore up federal networks and prevent successful hacking.
“The optimist in me wants to believe it will result in some change,” said Segal, director of the Council on Foreign Relations’ Digital and Cyberspace Policy Program. “The pessimist isn’t sure.”