Date: 2015-06-07
* Federal personnel office hacked for second time in a year
* Cybersecurity expert sees "huge uptick" in data theft
* Defense chiefs worry over copycat weapons systems
(Adds details on link to Chinese intelligence)
By Andrea Shalal
WASHINGTON, June 6 - A massive breach of U.S.
federal computer networks disclosed this week is the latest in a
flood of attacks by suspected Chinese hackers aimed at grabbing
personal data, industrial secrets and weapons plans from
government and private computers.
The Obama administration on Thursday disclosed the breach of
computer systems at the Office of Personnel Management and said
the records of up to 4 million current and former federal
employees may have been compromised.
U.S. officials have said on condition of anonymity they
believe the hackers are based in China, but Washington has not
publicly blamed Beijing at a time when tensions are high over
Chinese territorial claims in the South China Sea.
China has denied involvement.
It was the second computer break-in in less than a year at
the OPM, the federal government's personnel office.
The first breach has been linked to earlier thefts of
personal data from millions of records at Anthem Inc,
the second largest U.S. health insurer, an attack also blamed on
Chinese hackers, and Premera Blue Cross, a healthcare services
provider.
Guidance Software, a cybersecurity firm, said the
first signs of data "exfiltration" were originally detected with
Einstein, a U.S. government intrusion detection system. That
activity, it said, was eventually traced back to a machine under
the control of Chinese intelligence.
"It's a different form of Cold War at this point," said
Rob Eggebrecht, co-founder and chief executive of Denver-based
InteliSecure, a private cybersecurity firm.
Eggebrecht said his firm had seen a spike in attacks on
private company networks by Chinese actors over the past three
months. The latest was a previously undisclosed breach at a U.S.
pharmaceutical group, which cost the firm hundreds of millions
of dollars in sensitive research and development work.
Eggebrecht declined to identify the firm, which he said only
learned of the major breach within the last 72 hours.
"We've seen a huge uptick in opportunistic exfiltration of
high-value data," he said, adding that the attack on the pharma
company involved malicious software installed together with the
Chinese-language search engine Baidu.
"DIZZYING RATE"
Admiral James Winnefeld, vice chairman of the Joint Chiefs
of Staff, told a cyber conference at West Point military academy
last month that U.S. adversaries like China and Russia were
rapidly increasing their assaults on military networks.
"We're hemorrhaging information at a dizzying rate,
evidenced by the uncanny similarity of some of our potential
adversaries' new platforms to those we've been developing," said
Winnefeld.
China has in recent years introduced two new stealth
fighters that analysts say bear a striking resemblance to the
F-22 and F-35 built by Lockheed Martin Corp. Lockheed
redoubled security efforts focused on suppliers after a
"significant and tenacious" attack on its computer networks in
2011 that was enabled by lax security at a supplier.
U.S. senators have added $200 million in funding to their
proposed fiscal 2016 budget to fund a detailed study of the
cyber vulnerabilities of major weapons systems.
The move came after the Pentagon's chief weapons tester told
Congress that nearly every major weapons program tested in 2014
showed "significant vulnerabilities" to cyber attack, including
misconfigured and unpatched software.
U.S. government officials and cyber analysts say Chinese
hackers are using high-tech tactics to build massive databases
that could be used for traditional espionage goals, such as
recruiting spies, or gaining access to secure data on other
networks.
The latest incident gives hackers access to a treasure trove
of personal information, including birth dates, Social Security
numbers, previous addresses, and security clearances.
All that data could help hackers identify information about
specific targets, including potential passwords for websites
that may be portals to information about weapons systems or
other research data.
"They can dig down into that data and learn more about the
individuals, what their hobbies are, what their vices are, what
skeletons they have in their closet," said Babak Pasdar,
president and chief executive of Bat Blue Network, a
cybersecurity firm.
He said he was involved in a recent case in which hackers
gained access to private data of a website administrator by
finding passwords on a public website linked to the person's
hobby.
"This empowers the malevolent cyber actor to target a huge
number of people with phishing and other schemes to reel in
information," said one U.S. defense official. "The more targets
you have, the more likely you are to score."
(Editing by Doina Chiacu, Mark Trevelyan & Kim Coghill)