CIA ON CHINESE CYBERSPYING
A senior CIA analyst said China is continuing to conduct aggressive cyberespionage operations against the U.S., contrary to claims by security experts who say Beijing curbed cyberattacks in the past few years.
“We know the Chinese are very active in targeting our government, U.S. industry and those of our partners through cyberespionage,” said Michael Collins, deputy assistant CIA director and head of the agency’s East Asia Mission Center.
“It’s a very real, big problem, and we need to do more about it,” Mr. Collins told a recent security conference in Aspen, Colorado.
Mr. Collins said solving the problem of Chinese cyberattacks will require an “all-of-government, allof-country approach to pushing back against it.”
The comments contradict a number of cybersecurity experts who have said Beijing’s digital spying and information theft decreased sharply as a result of the 2015 agreement between President Obama and Chinese President Xi Jinping.
The two leaders announced the cyber deal with great fanfare and said both countries had agreed to curtail cyberespionage against businesses.
Last year, the cybersecurity firm FireEye said in a report that Chinese hacking against U.S. entities had declined by 90 percent over two years.
The most serious cyberattack by China was the theft of some 22 million federal records from the Office of Personnel Management. U.S. intelligence and security officials said the massive breach of OPM records likely produced an intelligence windfall for China’s main hacking unit, the 3rd Department of the People’s Liberation Army General Staff, known as 3PLA.
The OPM hack included sensitive personal information on tens of thousands of federal workers and contractors who have access to classified information.
According to intelligence experts, China is expected to use the stolen OPM data to target officials with access to secrets, along with targeting network administrators throughout government who can be hacked as part of cyberoperations designed to break into sensitive government networks.