NSA Chief: Don’t Assume China Hacked OPM

The US military’s top cyber warrior says it’s merely an “assumption” that the Chinese government was behind the recent hack at the Office of Personnel Management, or OPM — and not necessarily one he shares. That puts Adm. Michael Rogers, commander of US Cyber Command and director of the National Security Agency, in opposition to unnamed sources within the US government who blamed Beijing in June 4 interviews with the New York Times and Washington Post.

Rogers spoke in response to a question about how the National Security Agency was going about attributing the breach to the Chinese government. “You’ve put an assumption in your question,” he said. “I’m not going to get into the specifics of attribution. It’s a process that’s ongoing.”

The OPM hack may have exposed as many as 18 million records of government employees and job applicants, including people who applied for—and received—top-secret clearances.

Rogers’s hedged response, given during a question-and-answer session at the GEOINT symposium in downtown Washington, comes in stark contrast to the NSA’s approach to attribution during the Sony hack. In that case the FBI, working with the NSA and DHS, quickly named North Korea as the perpetrator, resulting in the prompt issuance of sanctions.

Rogers called that a great example of cross-agency collaboration. “Working across the United States government, DHS, FBI and the National Security Agency, we were able to relatively quickly come to consensus about the characterization of the activity we were seeing coming in, which formed the basis of our attribution, and with a relatively high confidence factor, which allowed us to respond in a very public and direct way.”

If you’re a conservative politician or a presidential candidate, there’s a good chance that you believe that the Chinese government is behind the OPM hack and that the Obama administration is being too easy on Beijing. Sen. Susan Collins, R-Maine, who serves on the Senate Intelligence Committee, told the Associated Press on June 5 that Beijing backed the intrusion. She called it “yet another indication of a foreign power probing successfully and focusing on what appears to be data that would identify people with security clearances.”

More recently, former Arkansas governor and 2016 GOP presidential hopeful Mike Huckabee wrote on his blog, “We should hack the cell phones of some prominent Communist party leaders, hack the bank accounts of intelligence officials, publicly humiliate Chinese families for political corruption, or wipe-out a few critical Chinese computer systems.”

The Obama administration has been more reluctant to publicly blame the Chinese government. “I can’t promise you that we’ll be in a position at any point in the future to make a grand pronouncement about who may have been responsible for this particular intrusion,” White House press secretary Josh Earnest said at a June 9 briefing.

The cybersecurity group FireEye says it’s “highly confident” that Chinese hackers did it, based on the kind of cables and telecommunications equipment involved, the type of data stolen, and the specific backdoors that the thieves used. “These backdoors, they’re commonly used by Chinese threat actors,” Michael Oppenheim, the intelligence operations manager at FireEye, told Defense One.

Oppenheim stopped short of formally accusing the Chinese government but added, “We believe that this aligns with Chinese interests.”

Oppenheim said that he was sympathetic to Rogers’s reluctance to formally attribute the breach to the Chinese government. “For someone in his position, you want to be 100-percent sure,” he said.

Meanwhile, we asked Rogers: what is he doing to shore up defenses or retaliate for the hack? “Now tell me,” he said, “you really think that as the director of the NSA and US Cyber Command, I’m going to talk to you about that?”

DefenseOne:

 
