AFP From Business Insider

The US government on Thursday said that hackers accessed the personal data of at least four million current and former federal employees© AFP/File Thomas SamsonThe US government on Thursday said that hackers accessed the personal data of at least four million current and former federal employees

Beijing (AFP) – Beijing on Friday labelled as “irresponsible” reports that Chinese hackers were behind a massive cyber-attack on personal data of millions of current and former US federal employees.

The US government on Thursday said that hackers accessed the personal data of at least four million current and former federal employees. Officials told US media that China was suspected.

“Cyber-attacks are generally anonymous and conducted across borders and their origins are hard to trace,” foreign ministry spokesman Hong Lei said at a regular briefing.

“Not to carry out a deep investigation and keep using words such as ‘possible’ is irresponsible and unscientific,” he added.

“As a result of the incident,” uncovered in April, the US Office of Personnel Management said it “will send notifications to approximately four million individuals.”

It added that additional exposures “may come to light.”

The government’s personnel department handles hundreds of thousands of sensitive security clearances and background investigations on prospective employees each year.

It was not immediately clear whether the hack affected President Barack Obama, other senior government officials or the intelligence community.

The Washington Post and other US media cited government officials as saying that Chinese hackers were behind the breach.

“We have seen a lot of media reports and opinions like this recently,” Hong said.

The Chinese embassy in Washington countered that such attacks would not be allowed under Chinese law.

“Chinese laws prohibit cyber-crimes of all forms. China has made great efforts to combat cyber-attacks in accordance with Chinese laws and regulations,” embassy spokesman Zhu Haiquan said.

The FBI and Department of Homeland Security are said to be leading an investigation into the attack. The FBI in a statement said it “will continue to investigate and hold accountable those who pose a threat in cyber-space.”

The government said it will, through a third party, offer $1 million in identity theft protection services at no cost.

“Protecting our federal employee data from malicious cyber-incidents is of the highest priority,” Office of Personnel Management director Katherine Archuleta said.

Her agency said the intrusion may have begun late last year and “predated the adoption of the tougher security controls”.

The new measures include restricting remote access, screening business connections and deploying anti-malware software.

-Major Breaches-

The incident is the latest in a series of major breaches that have shown the vulnerability of the federal government.

Last year Russian hackers are believed to have accessed unclassified computer systems at the White House and State Department.

Hackers stole information on 100,000 taxpayers from online computers of the US Internal Revenue Service.

The United States has struck an increasingly strident tone about cyber-attacks in recent months.

Admiral Michael Rogers, who heads the National Security Agency and US Cyber Command, has said that future attacks could prompt a response with conventional weapons.

In February, US Director of National Intelligence James Clapper said a steady stream of low-level cyber-attacks posed the most likely danger to the United States, rather than a potential digital “armageddon.”

Obama has ranked China and Russia’s cyber-attack capabilities as “very good,” Iran’s as “good,” and North Korea’s as not “particularly good.”

China operates a vast domestic security and surveillance apparatus.

In a recent white paper, Beijing said it would “expedite the development of a cyber-force” within the People’s Liberation Army.

In 2013, US Internet security firm Mandiant said its hundreds of investigations showed that groups hacking into US newspapers, government agencies, and companies “are based primarily in China and that the Chinese government is aware of them”.

One group, it said, was believed to be a branch of the People’s Liberation Army called Unit 61398, and digital signatures from its cyber-attacks were traced back to a building in Shanghai.

Last year, five members of the unit were indicted by US federal prosecutors on charges of stealing information from companies, including nuclear plant manufacturer Westinghouse, SolarWorld and US Steel.

China is increasingly concerned about US cyber-spying and has ordered many government departments to avoid using foreign technology.

For more on this story go to: http://www.businessinsider.com/afp-beijing-calls-reports-china-involved-in-us-hack-irresponsible-2015-6#ixzz3cDaadeN3

Related story:

US official on China hacking government database: ‘This is deep’

REUTERS From Business Insider

Data stolen from US government computers by suspected Chinese hackers included security clearance information and background checks dating back three decades, US officials said on Friday, underlining the scope of one of the largest known cyber attacks on federal networks.

The breach of computer systems of the Office of Personnel Management was disclosed on Thursday by the Obama administration, which said records of up to 4 million current and former federal employees may have been compromised.

US government sources said the hackers were believed to have been based in China but it was not yet known if the massive hacking was state-sponsored.

The breach was among the most far-reaching thefts of information on the federal work force.

“This is deep. The data goes back to 1985,” said one official, who spoke on condition of anonymity. “This means that they potentially have information about retirees, and they could know what they did after leaving government.”

Access to information from OPM’s computers, such as birthdates, Social Security numbers, and bank information, could help hackers test potential passwords to other sites, including those containing information about critical weapons systems, the official said.

“That could give them a huge advantage,” the official said.

Cyber investigators have linked the OPM breach to earlier thefts of personal data from millions of records at Anthem Inc, the second-largest US health insurer, and Premera Blue Cross, a healthcare services provider.

It was the second computer break-in in less than a year at OPM, the federal government’s personnel office and the latest in a string of cyber attacks on US agencies, some of which have been blamed on Chinese hackers.

A Chinese Foreign Ministry spokesman said such accusations had been frequent of late and were irresponsible. Hacking attacks were often cross-border and hard to trace, he said.

But another American official said the US believed the hack was of “Chinese origin,” but the source offered no details on how US authorities came to that conclusion.

Disclosure of the latest computer breach comes ahead of the annual US-China Strategic and Economic Dialogue due to be held in Washington on June 22 to 24. Cyber security was already expected to be high on the agenda.

Tension between Washington and Beijing has intensified over Chinese assertiveness in maritime disputes with its neighbors in the South China Sea.

The Federal Bureau of Investigation said it aimed to bring to account those responsible for the hacking.

OPM detected new malicious activity affecting its information systems in April and the Department of Homeland Security (DHS) said it concluded at the beginning of May that the agency’s data had been compromised and about 4 million workers may have been affected.

The breach hit OPM’s IT systems and its data stored at the Department of the Interior’s data center, a shared service center for federal agencies, a DHS official said on condition of anonymity.

Chinese hackers were blamed for penetrating OPM’s computer networks last year, and hackers appeared to have targeted files on tens of thousands of employees who had applied for top-secret security clearances, the New York Times reported last July, citing unnamed U.S. officials.

(Additional reporting by Phil Stewart and David Brunnstrom; Editing by Jason Szep, Doina Chiacu, Toni Reinhold)

IMAGES:
REUTERS/Jim UrquhartAn analyst looks at code in the malware lab of a cyber-security-defense lab at the Idaho National Laboratory in Idaho Falls, Idaho, September 29, 2011.
REUTERS/Kevin LamarquePresident Barack Obama (R) meets China’s President Xi Jinping, on the sidelines of a nuclear security summit, in The Hague, March 24, 2014.

For more on this story go to: http://www.businessinsider.com/r-data-obtained-in-us-government-hack-dates-back-to-1985-us-official-2015-6#ixzz3cErgAyzi