Big US data breaches offer treasure trove for hackers

Big US data breaches offer treasure trove for hackers
Updated 06 June 2015
Follow

Big US data breaches offer treasure trove for hackers

Big US data breaches offer treasure trove for hackers

WASHINGTON: A massive breach of US federal computer networks disclosed this week is the latest in a flood of attacks by suspected Chinese hackers aimed at grabbing personal data, industrial secrets and weapons plans from government and private computers.
The Obama administration on Thursday disclosed the breach of computer systems at the Office of Personnel Management and said the records of up to 4 million current and former federal employees may have been compromised.
US officials have said on condition of anonymity they believe the hackers are based in China, but Washington has not publicly blamed Beijing at a time when tensions are high over Chinese territorial claims in the South China Sea.
China has denied involvement.
It was the second computer break-in in less than a year at the OPM, the federal government’s personnel office. The first breach has been linked to earlier thefts of personal data from millions of records at Anthem Inc, the second largest US health insurer, an attack also blamed on Chinese hackers, and Premera Blue Cross, a health care services provider.
“It’s a different form of Cold War at this point,” said Rob Eggebrecht, co-founder and chief executive of Denver-based InteliSecure, a private cybersecurity firm.
Eggebrecht said his firm had seen a spike in attacks on private company networks by Chinese actors over the past three months. The latest was a previously undisclosed breach at a US pharmaceutical group, which cost the firm hundreds of millions of dollars in sensitive research and development work.
Eggebrecht declined to identify the firm, which he said only learned of the major breach within the last 72 hours.
“We’ve seen a huge uptick in opportunistic exfiltration of high-value data,” he said, adding that the attack on the pharma company involved malicious software installed together with the Chinese-language search engine Baidu.
Admiral James Winnefeld, vice chairman of the Joint Chiefs of Staff, told a cyber conference at West Point military academy last month that US adversaries like China and Russia were rapidly increasing their assaults on military networks.
“We’re hemorrhaging information at a dizzying rate, evidenced by the uncanny similarity of some of our potential adversaries’ new platforms to those we’ve been developing,” said Winnefeld, one of a growing number of US officials who argue for striking back at attackers to create more of a deterrent.
China has in recent years introduced two new stealth fighters that analysts say bear a striking resemblance to the F-22 and F-35 built by Lockheed Martin Corp. Lockheed redoubled security efforts focused on suppliers after a “significant and tenacious” attack on its computer networks in 2011 that was enabled by lax security at a supplier.