China denies role in recent U.S. government security hack

The Obama administration is scrambling to assess the impact of a massive data breach involving the agency that handles security clearances and employee records, U.S. officials said Thursday.
The Obama administration is scrambling to assess the impact of a massive data breach involving the agency that handles security clearances and employee records, U.S. officials said Thursday. AP

China has rejected claims by unnamed U.S. officials that its agents hacked federal government computers, compromising the personal data of at least 4 million current and former federal employees.

Foreign Ministry spokesman Hong Lei called the allegations “irresponsible” and urged U.S. officials to step up cooperation on stopping hacking, a problem both countries share, he said.

On Friday, White House Press Secretary Josh Earnest repeatedly said the United States does not know if China was behind the attack, saying that the FBI continues to investigate.

“No conclusions about the attribution of this particular attack have been reached at this point,” Earnest told reporters at his daily briefing. “This is something that’s still under investigation. Obviously, even preliminary aspects of an investigation can steer you in one direction or another. But there is still a lot of work that needs to be done to get to the bottom of this particular incident.”

The hack at the Office of Personnel Management, which the OPM revealed Thursday, is the second serious breach of federal agency data revealed over the last three months. In April it was learned that hackers, thought to be from Russia, had compromised White House and State Department email systems.

A year ago, the Justice Department indicted five members of the Chinese People’s Liberation Army, accusing them of stealing data from U.S. businesses to benefit Chinese companies. The indictments spiked tensions between the two countries and have effectively ended talks on reducing cyberespionage.

Federal officials say the most recent breach is one of the largest ever involving personal information of government workers. The intruders potentially accessed current and former employees’ Social Security numbers, performance ratings and other information. It is not known if that data was stolen or only accessed by the hackers.

The hack occurred in December, but the administration did not realize that data had comprised until May. It is aiming to inform workers who were impacted within 30 days.

Between June 8-19, the Office of Personnel Management will contact the approximately 4 million former and current employees whose information was comprised in the hack, the agency said Thursday in a statement. The White House could not say if that information included security clearances.

“The federal government has an obligation, and this is an obligation that we also take very seriously, to communicate directly and promptly in as much detail as possible with those who may be personally affected by this particular incident,” Earnest said.

OPM has also contracted with CSID, a company that specializes in identity theft protection and fraud resolution, to help employees monitor their credit and take other precautions. The company has set up a website for employees to get more information.

In announcing the breach, the Office of Personnel Management and the Department of Homeland Security did not publicly point a finger at China. But late Thursday, the Washington Post and the Wall Street Journal reported that China’s role had been confirmed by U.S. officials wishing to remain anonymous. Unnamed officials also accused China of being behind a March 2014 breach of OPM data, involving federal employees who had sought new security clearances.

Members of Congress said the latest intrusion demonstrates how federal agencies, and the Office of Personnel Management in particular, haven’t done enough to protect the government and its employees from sophisticated cyberespionage.

“It is disturbing to learn that hackers could have sensitive personal information on a huge number of current and former federal employees, and – if media reports are correct – that information could be in the hands of China,” Sen. Ron Johnson, a Wisconsin Republican who heads the Senate Homeland Security and Governmental Affairs Committee, said in a statement.

Rep. Adam Schiff of California, the ranking Democrat on the House Intelligence Committee, said he hoped the breach might push the Senate to pass cybersecurity legislation that has already cleared the House of Representatives.

“It’s clear that a substantial improvement in our cyber databases and defenses is perilously overdue,” Schiff said in a statement.

Earnest defended the administration’s actions to prevent cyber intrusions. He said the latest version of an intrusion-detection program called Einstein that had been scheduled for implementation across all agencies in 2018 has been moved up to 2016, though not because of the hack. But he could not say whether that could have prevented the latest intrusion.

Meanwhile, the White House blames Congress for failing to act on a cybersecurity bills supported by Obama.

“The fact is we need the United States Congress to come out of the dark ages and actually join us here in the 21st century to make sure we have the kind of defenses that are necessary to protect a modern computer system,” Earnest said.

Cyber experts say that, for more than a decade, China’s military has dedicated itself to advanced cyberwarfare. But China routinely denies it is responsible for cyberattacks, as Hong Lei did again on Friday.

“Hacker attacks are conducted anonymously, across nations, and thus it is hard to track the source,” Hong said. “It’s irresponsible and unscientific to make conjectural, trumped-up allegations without deep investigation.”

Hong also said that China has been a victim of recent hacking, a claim that Beijing tried to bolster this week, citing a report this month by Qihoo 360’s SkyEye Labs, a Chinese Internet security company.

SkyEye’s report did not name the United States, but it suggested that U.S. agents have for three years been engaged in cyberespionage against Chinese agencies. These agencies, the report stated, included research institutes and the departments that oversee China’s territorial waters, as well as aviation, aeronautics and shipping companies.

The SkyEye report has given Chinese officials some ammunition to lob back against the U.S. officials whenever they accuse Beijing of orchestrating cyberwarfare. Asked about the report on Tuesday, the Foreign Ministry’s Hua Chunying responded: “If what has been reported is true, it proves once again that China is the victim of hacker attacks.”

The White House has repeatedly said President Barack Obama has made cybersecurity a priority in discussions with Chinese President Xi Jinping, although recently, China’s actions in the South China Sea have risen higher on the agenda. The two world leaders are scheduled to spend many more hours together when Xi visits Washington in September.

“The president has frequently, including in every single meeting that he’s conducted with the current Chinese president, raised China’s activities in cyberspace as a significant source of concern,” Earnest said.

Some analysts see the SkyEye report as an opening for the United States to restart talks and calm the cyber skirmishing before it turns into an even broader – and more dangerous – form of cyberwarfare.

“The United States government and U.S. cybersecurity firms should actively respond to the (SkyEye) report,” wrote Adam Segal, a cyber conflict expert for the Council on Foreign Relations, in a recent blog post. “It is an opportunity to engage Beijing and Chinese cybersecurity companies in questions about what standards for public attribution of cyberattacks should be met.”

Anita Kumar of the Washington Bureau contributed.