Hack­ers may have 4 mil­lion U.S. work­ers’ data

The cy­ber­at­tack on a fed­eral per­son­nel agency sys­tem was based in China.

Los Angeles Times - - THE WORLD - By Christi Par­sons christi.par­sons@la­times.com Twit­ter: @cpar­sons

Hack­ers based in China may have ob­tained per­son­nel data on as many as 4 mil­lion fed­eral em­ploy­ees in a large-scale cy­ber­at­tack un­cov­ered this spring, ad­min­is­tra­tion of­fi­cials con­firmed Thurs­day.

In­ves­ti­ga­tors dis­cov­ered signs of the attack in April while in the process of updating se­cu­rity on gov­ern­ment com­put­ers, se­nior ad­min­is­tra­tion of­fi­cials said.

The in­tru­sion ap­peared to have come be­fore the adop­tion of tougher se­cu­rity con­trols this spring, of­fi­cials said. Since un­cov­er­ing the breach, the fed­eral Of­fice of Per­son­nel Man­age­ment, which was tar­geted in the attack, has been work­ing to lock down its sys­tem, re­strict­ing re­mote ac­cess for net­work ad­min­is­tra­tors and re­view­ing all con­nec­tions to make sure they’re open only to those with le­git­i­mate busi­ness.

The agency’s in­for­ma­tion tech­nol­ogy sys­tem holds data on cur­rent and for­mer em­ploy­ees and U.S. gov­ern­ment con­trac­tors.

As the FBI and the Depart­ment of Home­land Se­cu­rity work to de­ter­mine the full ef­fects of the breach, the per­son­nel of­fice has been no­ti­fy­ing mil­lions of peo­ple that some of their per­sonal in­for­ma­tion may have been stolen.

“Pro­tect­ing our fed­eral em­ployee data from ma­li­cious cy­ber in­ci­dents is of the high­est pri­or­ity at OPM,” agency direc­tor Kather­ine Archuleta said in a state­ment late Thurs­day.

“We take very se­ri­ously our re­spon­si­bil­ity to se­cure the in­for­ma­tion stored in our sys­tems, and in co­or­di­na­tion with our agency part­ners, our ex­pe­ri­enced team is con­stantly iden­ti­fy­ing op­por­tu­ni­ties to fur­ther pro­tect the data with which we are en­trusted.”

Be­sides no­ti­fy­ing peo­ple who have been af­fected, Archuleta’s of­fice is also of­fer­ing credit re­port checks and mon­i­tor­ing as well as iden­tity theft in­sur­ance for fed­eral work­ers.

The lat­est in­ci­dent ap­pears to be the sec­ond time that hack­ers have pen­e­trated the net­works of the per­son­nel of­fice, the repos­i­tory of per­sonal in­for­ma­tion for the vast army of U.S. gov­ern­ment em­ploy­ees. Law en­force­ment of­fi­cials un­cov­ered signs of an attack this spring that hit not only that in­for­ma­tion but also that of the Gov­ern­ment Print­ing Of­fice and Gov­ern­ment Ac­count­abil­ity Of­fice.

Re­spond­ing to a rash of com­puter se­cu­rity prob­lems ear­lier this year, which in­cluded the North Korean cy­ber­at­tack on Sony Pic­tures, Pres­i­dent Obama in April or­dered sanc­tions on hack­ers who de­stroy or pil­fer data from com­puter net­works used by the U.S. gov- ern­ment and Amer­i­can busi­nesses.

The penal­ties, which in­clude eco­nomic and travel sanc­tions, were meant to de­ter costly at­tacks launched from abroad against U.S. tar­gets.

Separately, the White House de­clined to com­ment on a New York Times re­port that in 2012 the ad­min­is­tra­tion had ex­panded the Na­tional Se­cu­rity Agency’s sur­veil­lance of in­ter­na­tional In- ter­net traf­fic to search for ev­i­dence of com­puter hack­ing.

The news­pa­per re­ported that the Jus­tice Depart­ment wrote two clas­si­fied memos in 2012 that au­tho­rized the spy agency to begin search­ing In­ter­net ca­bles for data linked to com­puter in­tru­sions launched from abroad.

The new author­ity would al­low the agency to mon­i­tor only pat­terns as­so­ci­ated with com­puter in­tru­sions that could be tied to for­eign gov­ern­ments, the re­port said.

Though he would not con­firm any new di­rec­tives, White House Press Sec­re­tary Josh Earnest noted that the For­eign In­tel­li­gence Sur­veil­lance Act does al­low in­ves­ti­ga­tors to tar­get for­eign cit­i­zens out­side the U.S. in or­der to ac­quire for­eign in­tel­li­gence.

“That is a tool that our na­tional se­cu­rity pro­fes­sion­als have found to be valu­able in pro­tect­ing the coun­try from a va­ri­ety of threats, par­tic­u­larly cy­ber threats,” Earnest said. “And this ad­min­is­tra­tion re­mains com­mit­ted to be­ing vig­i­lant about the ever-evolv­ing threat that we face in cy­berspace.”

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.