U.S. believes Chinese spies behind hack


WASHINGTON — The Obama administration is increasingly confident that China’s government, not criminal hackers, was responsible for the extraordinary theft of personal information about as many as 14 million current and former federal employees and others, The Associated Press has learned. One sign: None of the data has been credibly offered for sale on underground markets popular among professional identity thieves.

Investigators inside U.S. intelligence and law enforcement agencies, using secret “beacons” employed across the Internet, have been monitoring data transmissions across overseas networks for the file properties associated with the American personnel records, and scouring communications among targeted foreign hackers for credible references to the theft, two people directly involved in the investigation said. They spoke on condition of anonymity because parts of the case and techniques being used are classified.

Investigators also have watched underground markets where identity thieves peddle information and found no trace of the data stolen from the U.S. Office of Personnel Management, a central government personnel database, they said. In the chessboard world of espionage, they also acknowledged that revealing what they said was indirect evidence that spying was actually the motive might encourage Beijing’s government to sell at least some of the data surreptitiously to implicate identity thieves in what would be a counter-counterintelligence false-flag operation.

China has openly denied involvement in the break-in, and the U.S. has publicly provided no direct evidence proving China was responsible.

The administration acknowledged earlier this month that hackers stole the personnel files and background investigations of current and former civilian, intelligence and military employees, contractors and even job applicants. Initially, the U.S. said the stolen data included personal identification numbers, birth dates, job actions and other private information for 4.2 million workers.

Days later, it acknowledged that the cyber spies obtained detailed background information on millions of military, intelligence and other personnel who have been investigated for security clearances. That information included details about drug use, criminal convictions, mental health issues and the names and addresses of relatives and any foreigners with whom they had contact.

White House spokesman Josh Earnest on Wednesday said President Barack Obama continues to have confidence in OPM’s director, Katherine Archuleta. But some members of Congress urged her to resign.

A day earlier, Archuleta acknowledged to Congress “a high degree of confidence” that hackers stole information from background investigations for current, former and prospective federal employees. She said OPM had not encrypted the sensitive information because “an adversary possessing proper credentials can often decrypt data.”

The two people who spoke to AP, and a third congressional aide familiar with the case who also spoke on condition of anonymity after classified briefings, said that as many as 14 million current and former employees were affected.

The new disclosures bode poorly for U.S. efforts to quietly and quickly locate the stolen data — especially the detailed personal histories of millions of people with security clearances — on foreign computer servers and hack them to delete, encrypt or corrupt the material to render it useless. The administration has assessed that multiple backup copies have already been made with at least some stored on computers physically disconnected from any networks, the two people involved in the investigation told the AP.

 

[“source – niagarafallsreview.ca”]