OPM Hack Was Criminal - Not China Government Sponsored

China's official Xinhua news agency said recently that an investigation into a massive US computer breach last year that affected more than 22 million federal workers found the hacking attack was criminal, not state-sponsored.

In an article about a meeting between top US and Chinese officials on cyber security issues held in Washington, Xinhua said the breach at the United States Office of Personnel Management (OPM) was among the cases discussed.

The report did not give details of who conducted the investigation, or whether, the US and Chinese officials, both agreed with the conclusion.

OPM has been under scrutiny from lawmakers and the public ever since it disclosed earlier this year that it had fallen victim to two cyber attacks, which officials have privately linked to Chinese hackers.

The intrusions exposed sensitive personal information, including names, Social Security numbers and addresses of more than 22 million current and former federal employees and contractors, in addition to 5.6 million fingerprints.

Top US and Chinese officials convened in Washington for the first round of cyber security talks following the signing of a bilateral anti-hacking accord in September. Talks recently were seen as potentially significant in establishing acceptable norms for cyber espionage.

China and the US reached a broad agreement on the joint fight against cyber crimes, and will set up a hotline for these issues, according to Xinhua and CCTV, China's state-operated national broadcaster.

CCTV said a spokesperson for the Department of Homeland Security declined to comment on any agreement. The next meeting is scheduled for next June, Xinhua said.

Along with the OPM hack, officials from the two countries identified other cases to work on, reached further consensus on fighting cyber terrorism and agreed on programs to boost the fight against cyber crimes, Xinhua said, without giving further details.

It also marks an ongoing effort to repair bilateral relations after China withdrew from a working group last year in response to the US indictment of five members of its military on charges it hacked six US companies.

Reuters

 

 

« Five Cyber Security Predictions for 2016
IoT Turns Cities Into Cyber Battlegrounds »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Cloud Security Alliance (CSA)

Cloud Security Alliance (CSA)

The CSA is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing

AA Certification (AAC)

AA Certification (AAC)

AAC provide ISO Quality Management System certification services including ISO 27001.

ContentKeeper

ContentKeeper

ContentKeeper provides Web Threat Protection solutions to secure today’s Web 2.0 and mobile centric business environments.

Morphisec

Morphisec

Morphisec's world leading prevention-first software stops ransomware and other advanced attacks from endpoint to the cloud.

Fraunhofer Institute for Secure Information Technology (SIT)

Fraunhofer Institute for Secure Information Technology (SIT)

Fraunhofer SIT is a research centre specialising in all areas of IT security.

MIT Internet Policy Research Initiative (IPRI)

MIT Internet Policy Research Initiative (IPRI)

IPRI's mission is to work with policy makers and technologists to increase the trustworthiness and effectiveness of interconnected digital systems

DNV

DNV

DNV are the independent expert in assurance and risk management. We deliver world-renowned testing, certification and technical advisory services.

Exatel

Exatel

Exatel is Poland’s leading provider of ICT security services.

Cyberlitica

Cyberlitica

Cyberlitica provides a Workforce Threat Intelligence application that significantly augments companies’ cyber threat prevention efforts.

GlobalPass

GlobalPass

Covering 200+ countries with 78 000 databases, GlobalPass provides sophisticated facial biometrics verification and deep screening, delivering peace of mind to every client.

Snode Technologies

Snode Technologies

Snode's Guardian cybersecurity platform uses AI and machine learning to monitor, detect and proactively respond to all threats on every device within your network.

Cord3

Cord3

Cord3 delivers data protection, even from trusted administrators – or hackers posing as administrators – with high privilege.

FraudLabs Pro

FraudLabs Pro

FraudLabs Pro detects fraud and helps merchants to reduce e-commerce chargebacks by identifying high risk transactions.

Secret Intelligence Service (SIS - MI6)

Secret Intelligence Service (SIS - MI6)

The UK’s Secret Intelligence Service, also known as MI6, has three core aims: stopping terrorism, disrupting the activity of hostile states, and giving the UK a cyber advantage.

Varutra Consulting

Varutra Consulting

Varutra Consulting is an Cyber Security Consulting, Solutions and Training services firm, providing specialized security services for software, mobile and network.

Leaf IT

Leaf IT

Leaf IT are a pioneering cloud-first MSP, dedicated to helping businesses in the UK and Ireland. We focus on delivering tangible results for our clients through IT transformation.