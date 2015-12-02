* U.S., China officials meet this week for cyber crime talks
By Paul Carsten and Mark Hosenball
BEIJING/WASHINGTON, Dec 2 China's official
Xinhua news agency said on Wednesday an investigation into a
massive U.S. computer breach last year that compromised data on
more than 22 million federal workers found that the hacking
attack was criminal, not state-sponsored.
In an article about a meeting in Washington between top U.S.
and Chinese officials on cyber security issues, Xinhua said the
breach at the U.S. Office of Personnel Management (OPM) was
among the cases discussed.
The report did not give details of who conducted the
investigation or whether both U.S. and Chinese officials agreed
with the conclusion.
The Cyberspace Administration of China, the country's
Internet regulator, did not immediately reply to a request for
comment. In Washington, OPM referred inquiries to the U.S.
Department of Homeland Security, which also did not immediately
respond to a request for comment.
The White House said Susan Rice, President Barack Obama
national security adviser, and Lisa Monaco, his counterterrorism
adviser, met on Wednesday with a Chinese official to discuss
cyber issues and "to underscore the importance of full
adherence" to commitments made during Chinese President Xi
Jinping's visit to Washington in September.
U.S. intelligence chief James Clapper in June said the OPM
cyber attack was carried out by Chinese hackers but did not
specifically accuse China's government. Clapper told a
Washington intelligence conference: "You have to kind of salute
the Chinese for what they did," given the difficulty of the
intrusion.
However, U.S. officials have said privately they believe
Chinese government entities were behind the breach, which
involved the compromise of sensitive personal data submitted to
OPM by applicants for U.S. government security clearances, as
well as field reports generated by security investigators.
The breach exposed the names, Social Security numbers and
addresses of more than 22 million current and former U.S.
federal employees and contractors, as well as 5.6 million
fingerprints.
John Hultquist, a cyber espionage expert with iSight
Partners, said his firm believed the intrusion was conducted by
hackers working for China's government, based on digital
evidence and the hackers' other targets, including health
insurer Anthem.
"We can't attribute it directly to a specific intelligence
organization or office building in Beijing, (but) the writing is
on the wall in terms of the evidence we do have," said
Hultquist, whose firm provides cyber intelligence to the U.S.
government.
One reason U.S. officials are reluctant to accuse the
Chinese government publicly of hacking American security
clearance data, officials and private experts have said, is that
this is the sort of spying done by most if not all major foreign
intelligence agencies including U.S. agencies.
James Lewis, an expert with the Center for Strategic and
International Studies think tank, said China's latest claims
suggest authorities there likely will say they have arrested
hackers behind the OPM attack and claim they are criminals.
'TRADITIONAL KABUKI'
"It's a face-saving way of saying, 'It wasn't us and we'll
put them in jail,'" Lewis said. "Traditional kabuki in espionage
is you write off your agents when it's politically useful to do
so."
Lewis said in October that shortly before Xi visited the
United States, Chinese officials told their American
counterparts that Beijing had detained at least two hackers who
breached U.S. computer networks.
Reuters reported in October that Chinese officials told
their U.S. counterparts that one suspect was involved in the OPM
breach.
U.S. officials have said that they are unaware of any
evidence demonstrating that the hacked OPM data had been used
for any nefarious purposes.
Lewis said there also was no evidence the stolen OPM data
had appeared for sale on black markets, another indication the
hacking was carried out by individuals working with or for
China's government.
The Pentagon's chief arms buyer, Frank Kendall, said on
Wednesday that while he was not aware of Xinhua's claim, he
remained very concerned about Chinese hacking of U.S. weapons
systems.
"China is not the only source of some of our cyber attacks,
but it's certainly one of the major sources of cyber attacks,"
Kendall said. "This is a problem that is not going to go away."
OPM's director resigned in July in the aftermath of the
agency's disclosure that it had fallen victim to two cyber
attacks.
Top U.S. and Chinese officials convened this week in
Washington for the first round of cyber security talks following
the signing of a bilateral anti-hacking accord in September.
The two sides reached a broad agreement on the joint fight
against cyber crimes, and will set up a hotline for these
issues, according to Xinhua and CCTV, China's state-operated
national broadcaster.
The next meeting is scheduled for June, Xinhua said.
Along with the OPM hack, officials from the two countries
identified other cases to work on, reached further consensus on
fighting cyber terrorism and agreed on programs to boost the
fight against cyber crimes, Xinhua said, without giving further
details.
