Skip to main content

China denies involvement in massive US data breach

UPDATE: China has denied being involved in a massive cyberattack which compromised the data of about four million current and former U.S. government workers.

A spokesperson for the Chinese embassy in Washington said in a statement: "Cyber-attacks conducted across countries are hard to track and therefore the source of attacks is difficult to identify. Jumping to conclusions and making hypothetical accusation is not responsible and counterproductive," IB Times (opens in new tab) writes in a report.

Zhu Haiquan added: "Cyberattack is a global threat which could only be addressed by international cooperation based on mutual trust and mutual respect."

A U.S. law enforcement source earlier told Reuters (opens in new tab)a foreign entity or government was believed to be behind the cyber intrusion against the Office of Personnel Management (OPM), and media reports said authorities suspected it originated in China.

The Federal Bureau of Investigation said it had launched a probe and would hold the culprits accountable.

"The FBI is working with our interagency partners to investigate this matter," Cnet quotes a statement made by the FBI. "We take all potential threats to public and private sector systems seriously, and will continue to investigate and hold accountable those who pose a threat in cyberspace."

OPM detected new malicious activity affecting its information systems in April and the Department of Homeland Security said it concluded at the beginning of May that the agency's data had been compromised.

The Chinese consulate in San Francisco did not immediately respond to Cnet’s request for comment.

The breach affected OPM's IT systems and its data stored at the Department of the Interior's data centre, which is a shared service centre for federal agencies, a DHS official said on condition of anonymity. The official would not comment on whether other agencies' data had been affected.

Another prominent voice commenting on this hack is ViaSat UK CEO Chris McIntosh who claimed that ;

"This latest incident shows how cyber-attack is cementing itself as a form of unconventional warfare. Rather than guerrilla raids or sabotage, the greatest threat to governments and other organisations comes increasingly not from the physical world, but from the virtual. However, cyber-attack is unique in both its reach and its ease of use. Unlike other forms of warfare, unconventional or not, it requires relatively few resources and can be performed from anywhere, and almost by anyone. As a result, an attack of some sort will be almost inevitable. Mitigating the effects is therefore just as important as prevention.

“The best way for organisations to do this is to assume that their security has already been compromised. Security then becomes a matter of minimising, and where possible eliminating, damage caused by attacks. Encrypting sensitive data, so that even if stolen it is essentially useless to attackers, is one step that should by this point be compulsory. The ability to isolate potentially infected systems is another. However, organisations of any size should ensure they take an all-encompassing approach to security to prevent the risk of serious damage.”

Computer hacking is a sore subject between the US and China. Both countries have publicly accused each other of breaking in to servers to steal information.

Back in May 2014, US Justice Department filed charges (opens in new tab) against five alleged Chinese military hackers, saying they were hacking American corporations and stealing information. China has denied the allegations.

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.