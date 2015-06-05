(Adds China Foreign Ministry response paragraphs 5, 17-18)
By Matt Spetalnick and David Brunnstrom
WASHINGTON, June 5 Hackers broke into U.S.
government computers, possibly compromising the personal data of
4 million current and former federal employees, and
investigators were probing whether the culprits were based in
China, U.S. officials said on Thursday.
Cyber investigators linked the breach to earlier thefts of
healthcare records from Anthem Inc, the second largest
U.S. health insurer, and Premera Blue Cross, a healthcare
services provider.
In the latest in a string of intrusions into U.S. agencies'
high-tech systems, the Office of Personnel Management (OPM)
suffered what appeared to be one of the largest breaches of
information ever on government workers. The office handles
employee records and security clearances.
A U.S. law enforcement source told Reuters a "foreign entity
or government" was believed to be behind the cyber attack.
Authorities were looking into a possible Chinese connection, a
source close to the matter said.
A Chinese Foreign Ministry spokesman said such accusations
had been frequent of late and were irresponsible. Hacking
attacks were often cross-border and hard to trace, he said.
The FBI said it was investigating and aimed to bring to
account those responsible.
Several U.S. states were already investigating a cyber
attack on Anthem in February that a person familiar with the
matter said is being examined for possible ties to China.
John Hultquist of Dallas-based iSight Partners told Reuters
that the latest attack on OPM and the earlier breaches at Anthem
and Premera Blue Cross appear to have been the work of cyber
espionage hackers working on behalf of a state, not those
focused on cybercrime.
He said they may have widened their net to gather personally
identifiable information for more elaborate, finely-tuned
attacks in the future. "This is usually done by criminals, but
based on their behavior, we believe these are espionage actors,"
said Hultquist.
MALICIOUS ACTIVITY
OPM detected new malicious activity affecting its
information systems in April and the Department of Homeland
Security said it concluded at the beginning of May that the
agency's data had been compromised and about 4 million workers
may have been affected.
The agencies involved did not specify exactly what kind of
information was accessed.
The breach hit OPM's IT systems and its data stored at the
Department of the Interior's data center, a shared service
center for federal agencies, a DHS official said on condition of
anonymity. The official would not comment on whether other
agencies' data had been affected.
OPM had previously been the victim of another cyber attack,
as have various federal government computer systems at the State
Department, the U.S. Postal Service and the White House.
Chinese hackers were blamed for penetrating OPM's computer
networks last year, and hackers appeared to have targeted files
on tens of thousands of employees who had applied for top-secret
security clearances, the New York Times reported last July,
citing unnamed U.S. officials.
"The FBI is working with our inter-agency partners to
investigate this matter," the bureau said in a statement. "We
take all potential threats to public and private sector systems
seriously, and will continue to investigate and hold accountable
those who pose a threat in cyberspace."
The U.S. government has long raised concerns about cyber
spying and theft emanating from China and has urged Beijing to
do more to curb the problem.
Chinese Foreign Ministry spokesman Hong Lei told a regular
daily news briefing in Beijing that China hoped the United
States would have more trust and cooperate more.
"Without first thoroughly investigating, always saying that
'it's possible', this is irresponsible and unscientific," said
Hong.
There was no comment from the White House.
Since the intrusion, OPM said it had implemented additional
security precautions for its networks. It said it would notify
the 4 million employees and offer credit monitoring and identity
theft services to those affected.
RASH OF ATTACKS
"The last few months have seen a series of massive data
breaches that have affected millions of Americans," U.S.
Representative Adam Schiff, the ranking Democrat on the House
Permanent Select Committee on Intelligence, said in a statement.
Tens of millions of records may have been lost in the
attacks on Anthem and Premera Blue Cross.
iSight's Hultquist said similar methods, servers and habits
of the attackers pointed to one state-sponsored group being
responsible for all three breaches.
The largest federal employee union said it was working with
the administration to ensure measures were taken to secure the
personal information of affected employees. "AFGE will demand
accountability," American Federation of Government Employees
President J. David Cox Sr. said in a statement.
In April, President Barack Obama responded to a growing rash
of attacks aimed at U.S. computer networks by launching a
sanctions program to target individuals and groups outside the
United States that use cyber attacks to threaten U.S. foreign
policy, national security or economic stability.
The move followed indictments of five Chinese military
officers who were charged with economic
espionage. U.S. officials also pointed the finger directly at
North Korea for a high-profile attack on Sony
over a film spoof depicting the assassination of
North Korea's leader.
China has routinely denied accusations by U.S. investigators
that hackers backed by the Chinese government have been behind
attacks on U.S. companies and federal agencies.
U.S. military officials have become increasingly vocal about
cyber espionage and attacks launched by China, Russia and other
rivals. A Pentagon report in April said hackers associated with
the Chinese government repeatedly targeted U.S. military
networks last year seeking intelligence.
(Additional reporting by Doina Chiacu, Mark Hosenball, Peter
Cooney and Jeff Mason; Writing by Matt Spetalnick; Editing by
David Gregorio and Alex Richardson)