OPM Hack Was Criminal - Not China Government Sponsored

Uploaded on 2015-12-06 in NEWS-Cybersecurity News, INTELLIGENCE--USA, INTELLIGENCE-Hot Spots-China, FREE TO VIEW, TECHNOLOGY--Hackers

China's official Xinhua news agency said recently that an investigation into a massive US computer breach last year that affected more than 22 million federal workers found the hacking attack was criminal, not state-sponsored.

In an article about a meeting between top US and Chinese officials on cyber security issues held in Washington, Xinhua said the breach at the United States Office of Personnel Management (OPM) was among the cases discussed.

The report did not give details of who conducted the investigation, or whether, the US and Chinese officials, both agreed with the conclusion.

OPM has been under scrutiny from lawmakers and the public ever since it disclosed earlier this year that it had fallen victim to two cyber attacks, which officials have privately linked to Chinese hackers.

The intrusions exposed sensitive personal information, including names, Social Security numbers and addresses of more than 22 million current and former federal employees and contractors, in addition to 5.6 million fingerprints.

Top US and Chinese officials convened in Washington for the first round of cyber security talks following the signing of a bilateral anti-hacking accord in September. Talks recently were seen as potentially significant in establishing acceptable norms for cyber espionage.

China and the US reached a broad agreement on the joint fight against cyber crimes, and will set up a hotline for these issues, according to Xinhua and CCTV, China's state-operated national broadcaster.

CCTV said a spokesperson for the Department of Homeland Security declined to comment on any agreement. The next meeting is scheduled for next June, Xinhua said.

Along with the OPM hack, officials from the two countries identified other cases to work on, reached further consensus on fighting cyber terrorism and agreed on programs to boost the fight against cyber crimes, Xinhua said, without giving further details.

It also marks an ongoing effort to repair bilateral relations after China withdrew from a working group last year in response to the US indictment of five members of its military on charges it hacked six US companies.

Reuters

 

 

« Five Cyber Security Predictions for 2016
IoT Turns Cities Into Cyber Battlegrounds »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

TechDefence Labs

TechDefence Labs

TechDefence Labs provide pentesting and security assessment services for networks, web apps, mobile apps and source code reviews.

Innotec Security

Innotec Security

Innotec Security is a Spanish company specializing in cybersecurity-as-a-service, cyber resilience and cyber risk management.

CLDigital

CLDigital

CLDigital's no-code risk and resilience platform, CL360, provides leaders with risk and resilience data to make strategic and tactical continuity decisions.

CodeSealer

CodeSealer

CodeSealer provide invisible end-to-end user interface protection with a unique web security solution to eliminate Man-in-the-Middle and Man-in-the-Browser vulnerabilties.

Eseye

Eseye

Eseye is a global specialist supplier of cellular internet connectivity for intelligent IoT (Internet of Things) devices.

TechArch

TechArch

TechArch helps customers to optimize their investments in cybersecurity by providing them independent and vendor-neutral consultation and guidance.

CIRISK

CIRISK

CIRISK offers a wide range of services from consulting to audit or project management to help you develop your cyber security or information security strategy.

Noventiq

Noventiq

Noventiq (the brandname of Softline Holding plc) is a leading global solutions and services provider in digital transformation and cybersecurity.

Penten

Penten

Penten is an Australian-based cyber security company focused on innovation in secure mobility and applied AI (artificial intelligence).

Acreto

Acreto

Acreto is an end-to-end security infrastructure that protects all your technologies with a single, simple cloud service.

Netenrich

Netenrich

The Netenrich operations intelligence platform is built from the ground up to help enterprises resolve everyday and futuristic problems for stable, secure environments and infrastructures.

BlockAPT

BlockAPT

BlockAPT, empowering you with an advanced, intelligent cyber defence platform. We protect our customers digital assets by unifying operational technologies against advanced persistent threats.

Route1

Route1

Route1 is an advanced provider of secure data intelligence solutions to drive your business forward.

Inholo

Inholo

Inholo offers tools to manage the risks of synthetic realities, starting with an AI-photo detection service.

TerraEagle

TerraEagle

Terraeagle is a boutique cyber security services company providing tailor-made solutions. Our core competency is in SOCaaS, MDRaaS & and Incident Response Retainer Services.

Aryon Security

Aryon Security

Aryon Security is redefining cloud security with the ability to enforce cloud strategy with confidence, enabling organizations to prevent risks before they emerge.