NSA Chief: Don’t Assume China Hacked OPM

Michael_Rogers.jpg

The US military’s top cyber warrior says it’s merely an “assumption” that the Chinese government was behind the recent hack at the Office of Personnel Management, or OPM — and not necessarily one he shares. That puts Adm. Michael Rogers, (pictured) commander of US Cyber Command and director of the National Security Agency, in opposition to unnamed sources within the US government who blamed Beijing in June 4 interviews with the New York Times and Washington Post.

Rogers spoke in response to a question about how the National Security Agency was going about attributing the breach to the Chinese government. “You’ve put an assumption in your question,” he said. “I’m not going to get into the specifics of attribution. It’s a process that’s ongoing.”

The OPM hack may have exposed as many as 18 million records of government employees and job applicants, including people who applied for—and received—top-secret clearances.
Rogers’s hedged response, given during a question-and-answer session at the GEOINT symposium in downtown Washington, comes in stark contrast to the NSA’s approach to attribution during the Sony hack. In that case the FBI, working with the NSA and DHS, quickly named North Korea as the perpetrator, resulting in the prompt issuance of sanctions.
Rogers called that a great example of cross-agency collaboration. “Working across the United States government, DHS, FBI and the National Security agency, we were able to relatively quickly come to consensus about the characterization of the activity we were seeing coming in, which formed the basis of our attribution, and with a relatively high confidence factor, which allowed us to respond in a very public and direct way.”

If you’re a conservative politician or a presidential candidate, there’s a good chance that you believe that the Chinese government is behind the OPM hack and that the Obama administration is being too easy on Beijing. Sen. Susan Collins, R-Maine, who serves on the Senate Intelligence Committee, told the Associated Press on June 5 that Beijing backed the intrusion. She called it “yet another indication of a foreign power probing successfully and focusing on what appears to be data that would identify people with security clearances.”

More recently, former Arkansas governor and 2016 GOP presidential hopeful Mike Huckabee wrote on his blog, “We should hack the cell phones of some prominent Communist party leaders, hack the bank accounts of intelligence officials, publicly humiliate Chinese families for political corruption, or wipe-out a few critical Chinese computer systems.”
The Obama administration has been more reluctant to publicly blame the Chinese government. “I can’t promise you that we’ll be in a position at any point in the future to make a grand pronouncement about who may have been responsible for this particular intrusion,” White House press secretary Josh Earnest said at a June 9 briefing.

The cybersecurity group FireEye says it’s “highly confident” that Chinese hackers did it, based on the kind of cables and telecommunications equipment involved, the type of data stolen, and the specific backdoors that the thieves used. “These backdoors, they’re commonly used by Chinese threat actors,” Michael Oppenheim, the intelligence operations manager at FireEye, told Defense One.
Oppenheim stopped short of formally accusing the Chinese government but added, “We believe that this aligns with Chinese interests.”
Oppenheim said that he was sympathetic to Rogers’s reluctance to formally attribute the breach to the Chinese government. “For someone in his position, you want to be 100-percent sure,” he said.
Meanwhile, we asked Rogers: what is he doing to shore up defenses or retaliate for the hack? “Now tell me,” he said, “you really think that as the director of the NSA and US Cyber Command, I’m going to talk to you about that?”

DefenseOne:

 

« Data Security and Loss of Control Killing Cloud?
Hackers target Polish airline carrier LOT »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MKD-CIRT

MKD-CIRT

MKD-CIRT is the national Computer Incident Response Team for Macedonia.

Bolton Labs

Bolton Labs

Bolton Labs is a leading provider cybersecurity services, tools, and analysis for MSPs and organizations who want to scale their security offerings.

The Data Privacy Group

The Data Privacy Group

The Data Privacy Group provide expert professional services underpinned by world leading automation tools and a consulting team specialized in privacy and data protection.

Trapezoid

Trapezoid

Trapezoid is a cybersecurity company developing Firmware Integrity Management solutions designed to detect unauthorized changes to firmware & BIOS across the entire data center infrastructure.

ANIS

ANIS

ANIS represents the interests of Romanian IT companies and supports the development of the software and services industry.

KOBIL

KOBIL

KOBIL is a pioneer in the fields of smart card, one-time password, authentication and cryptography.

Seqrite

Seqrite

Seqrite offers a highly advanced range of enterprise and IT security solutions to protect your organization's most critical data.

Cyber Defense Agency (CDA)

Cyber Defense Agency (CDA)

Cyber Defense Agency is a premier professional services firm specializing in cyber security, computer network defense, and information security.

Corvus Insurance

Corvus Insurance

Corvus' mission is to create a safer, more productive world through technology-enabled commercial insurance.

Crayonic

Crayonic

Crayonic digital identity technologies protect and guarantee the identity of people and things.

Randstad

Randstad

Randstad provide outsourcing, staffing, consulting and workforce solutions in the USA across a wide range of job sectors including IT and cybersecurity.

MainNerve

MainNerve

MainNerve helps secure networks, applications, people, and facilities… enabling businesses to reduce risk and increase their cybersecurity posture.

Centric Consulting

Centric Consulting

Centric Consulting is an international management consulting firm with unmatched expertise in business transformation, AI strategy, cyber risk management, technology implementation and adoption. 

Guardian Angel Cyber

Guardian Angel Cyber

Guardian Angel Cyber, is your trusted ally in safeguarding your digital assets and online presence.

Fortress SRM

Fortress SRM

Fortress SRM protects companies from the financial, operational, and emotional trauma of cybercrime by improving the security performance of its people, processes, and technology.

Xiphera

Xiphera

Xiphera designs and implements proven cryptographic security for embedded systems.