NSA Chief: Don’t Assume China Hacked OPM

Uploaded on 2015-06-27 in INTELLIGENCE--USA, INTELLIGENCE-Hot Spots-China, GOVERNMENT-Defence, FREE TO VIEW, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

Michael_Rogers.jpg

The US military’s top cyber warrior says it’s merely an “assumption” that the Chinese government was behind the recent hack at the Office of Personnel Management, or OPM — and not necessarily one he shares. That puts Adm. Michael Rogers, (pictured) commander of US Cyber Command and director of the National Security Agency, in opposition to unnamed sources within the US government who blamed Beijing in June 4 interviews with the New York Times and Washington Post.

Rogers spoke in response to a question about how the National Security Agency was going about attributing the breach to the Chinese government. “You’ve put an assumption in your question,” he said. “I’m not going to get into the specifics of attribution. It’s a process that’s ongoing.”

The OPM hack may have exposed as many as 18 million records of government employees and job applicants, including people who applied for—and received—top-secret clearances.
Rogers’s hedged response, given during a question-and-answer session at the GEOINT symposium in downtown Washington, comes in stark contrast to the NSA’s approach to attribution during the Sony hack. In that case the FBI, working with the NSA and DHS, quickly named North Korea as the perpetrator, resulting in the prompt issuance of sanctions.
Rogers called that a great example of cross-agency collaboration. “Working across the United States government, DHS, FBI and the National Security agency, we were able to relatively quickly come to consensus about the characterization of the activity we were seeing coming in, which formed the basis of our attribution, and with a relatively high confidence factor, which allowed us to respond in a very public and direct way.”

If you’re a conservative politician or a presidential candidate, there’s a good chance that you believe that the Chinese government is behind the OPM hack and that the Obama administration is being too easy on Beijing. Sen. Susan Collins, R-Maine, who serves on the Senate Intelligence Committee, told the Associated Press on June 5 that Beijing backed the intrusion. She called it “yet another indication of a foreign power probing successfully and focusing on what appears to be data that would identify people with security clearances.”

More recently, former Arkansas governor and 2016 GOP presidential hopeful Mike Huckabee wrote on his blog, “We should hack the cell phones of some prominent Communist party leaders, hack the bank accounts of intelligence officials, publicly humiliate Chinese families for political corruption, or wipe-out a few critical Chinese computer systems.”
The Obama administration has been more reluctant to publicly blame the Chinese government. “I can’t promise you that we’ll be in a position at any point in the future to make a grand pronouncement about who may have been responsible for this particular intrusion,” White House press secretary Josh Earnest said at a June 9 briefing.

The cybersecurity group FireEye says it’s “highly confident” that Chinese hackers did it, based on the kind of cables and telecommunications equipment involved, the type of data stolen, and the specific backdoors that the thieves used. “These backdoors, they’re commonly used by Chinese threat actors,” Michael Oppenheim, the intelligence operations manager at FireEye, told Defense One.
Oppenheim stopped short of formally accusing the Chinese government but added, “We believe that this aligns with Chinese interests.”
Oppenheim said that he was sympathetic to Rogers’s reluctance to formally attribute the breach to the Chinese government. “For someone in his position, you want to be 100-percent sure,” he said.
Meanwhile, we asked Rogers: what is he doing to shore up defenses or retaliate for the hack? “Now tell me,” he said, “you really think that as the director of the NSA and US Cyber Command, I’m going to talk to you about that?”

DefenseOne:

 

« Data Security and Loss of Control Killing Cloud?
Hackers target Polish airline carrier LOT »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Egress Software Technologies

Egress Software Technologies

Egress Software Technologies is a leading provider of data security services designed to protect shared information throughout its lifecycle.

Stott & May

Stott & May

Stott & May is a specialist cyber security recruitment agency.

Security Audit Systems

Security Audit Systems

Security Audit Systems is a website security specialist providing website security audits and managed web security services.

Second Nature Security (2NS)

Second Nature Security (2NS)

2NS provide vulnerability assessment, penetration testing, security audit, application and network security and secure software development processes.

GuardiCore

GuardiCore

GuardiCore is an innovator in internal data center security and breach detection and is transforming security inside data centers and clouds.

AntemetA

AntemetA

AntemetA specializes in network infrastructure, security and cloud computing, helping companies transform their Information Systems.

AdaptiveMobile Security

AdaptiveMobile Security

AdaptiveMobile Security, a world leader in mobile network security, protecting more than 2.2 billion subscribers worldwide.

Privakey

Privakey

Transaction Intent Verification. Privakey delivers a secure channel to streamline high risk transactions, enabling digital trust between services and their users.

ActZero

ActZero

ActZero’s security platform leverages proprietary AI-based systems and full-stack visibility to detect, analyze, contain, and disrupt threats.

ReasonLabs

ReasonLabs

ReasonLabs have created a next-generation anti-virus that is enterprise grade, yet accessible to any personal device around the world.

Rocky Mountain Cybersecurity

Rocky Mountain Cybersecurity

Rocky Mountain Cybersecurity's mission is to provide value by dramatically improving the cybersecurity posture of our clients and business partners.

Polygraph

Polygraph

Polygraph monitors the activities of click fraud gangs, including how they operate, who they target, the techniques they use, and how to detect their fraud.

KATIM

KATIM

KATIM is a leader in the development of innovative secure communication products and solutions for governments and businesses.

ThreatNG Security

ThreatNG Security

ThreatNG is redefining external attack surface management (EASM) and digital risk protection with a platform of unmatched breadth, depth, and capabilities in thwarting technical and business threats.

Sec3

Sec3

Sec3 is a security and research firm providing bespoke audits and cutting edge tools to Web3 projects.

ViCyber

ViCyber

ViCyber is an Australian based company whose mission is to simplify and strengthen cybersecurity for all businesses, irrespective of size.