US believes China behind cybersecurity breach affecting at least 4M federal employees

Hackers based in China are believed to be behind a massive data breach that could have compromised the personal data of at least 4 million current and former federal employees, U.S. officials said late Thursday.

Sen. Susan Collins, R-Maine, a member of the Senate Intelligence Committee, told the Associated Press that investigators suspect the cyberattack was carried out by the Chinese. She said the breach was “yet another indication of a foreign power probing successfully and focusing on what appears to be data that would identify people with security clearances.”

If confirmed, the incident would be the second major breach by Beijing in less than a year. A spokesman for the Chinese Embassy in Washington called such accusations “not responsible and counterproductive.”

“Cyber attack is a global threat which could [sic] only be addressed by international cooperation based on mutual trust and mutual respect,” Zhu Haiquan said in a statement late Thursday. “We hope all countries in the world can work constructively together to address cyber security issues, push forward the formulation of international rules and norms in … cyberspace, in order to build a peaceful, secure, open and cooperative cyberspace.”

The Department of Homeland Security (DHS) issued a statement confirming the breach Thursday, saying that it had concluded at the beginning of May that data from the Office of Personnel Management (OPM) and the Interior Department had been compromised.

Read the full article at Fox News

Senetas high assurance security comments

  • The fundamental information security question that must be answered when any data breach of this type occurs is not HOW it occurred or WHO the cyber-criminal may be. The fundamental question today is: WHY wasn’t sensitive data encrypted?
  • Information security professionals, advisers and commentators around the world have consistently stated that ALL sensitive data must be encrypted – at rest and when being transmitted across data networks. Encryption is essential to ensure that when a breach is successful, cyber-criminals only obtain useless data.
  • Of course, not all encryption is the same. Professionals make it clear that the most effective, or ‘unbreakable’ (a term given by the FBI), encryption solutions:
    • Use standards-based encryption technology, such as AES-256;
    • Use best-of-breed encryption key management, necessary to ensure only the data owner has control of and access to the keys; and
    • Are certified by an independent government certification testing authority such as FIPS or Common Criteria, which certifies that the solution is suitable for government and defence use.
  • So, the question yet to be answered is: why wasn’t sensitive employee information encrypted? WHY indeed?