OPM Hack Was Criminal - Not China Government Sponsored

China's official Xinhua news agency said recently that an investigation into a massive US computer breach last year that affected more than 22 million federal workers found the hacking attack was criminal, not state-sponsored.

In an article about a meeting between top US and Chinese officials on cyber security issues held in Washington, Xinhua said the breach at the United States Office of Personnel Management (OPM) was among the cases discussed.

The report did not give details of who conducted the investigation, or whether, the US and Chinese officials, both agreed with the conclusion.

OPM has been under scrutiny from lawmakers and the public ever since it disclosed earlier this year that it had fallen victim to two cyber attacks, which officials have privately linked to Chinese hackers.

The intrusions exposed sensitive personal information, including names, Social Security numbers and addresses of more than 22 million current and former federal employees and contractors, in addition to 5.6 million fingerprints.

Top US and Chinese officials convened in Washington for the first round of cyber security talks following the signing of a bilateral anti-hacking accord in September. Talks recently were seen as potentially significant in establishing acceptable norms for cyber espionage.

China and the US reached a broad agreement on the joint fight against cyber crimes, and will set up a hotline for these issues, according to Xinhua and CCTV, China's state-operated national broadcaster.

CCTV said a spokesperson for the Department of Homeland Security declined to comment on any agreement. The next meeting is scheduled for next June, Xinhua said.

Along with the OPM hack, officials from the two countries identified other cases to work on, reached further consensus on fighting cyber terrorism and agreed on programs to boost the fight against cyber crimes, Xinhua said, without giving further details.

It also marks an ongoing effort to repair bilateral relations after China withdrew from a working group last year in response to the US indictment of five members of its military on charges it hacked six US companies.

Reuters

 

 

« Five Cyber Security Predictions for 2016
IoT Turns Cities Into Cyber Battlegrounds »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NCC Group

NCC Group

NCC Group is a global cyber and software resilience business operating across multiple sectors, geographies and technologies.

Agenci

Agenci

Agenci are specialists in cyber security and information security and deliver ISO 27001 Certification.

Cyber Risk Policies

Cyber Risk Policies

CyberRiskPolicy.com is a joint venture between the Poindexter Surety Group of companies and Gibbs Cyber Security.

ControlCase

ControlCase

ControlCase provide solutions that address all aspects of IT-GRCM (Governance, Risk Management and Compliance Management).

Identillect Technologies

Identillect Technologies

Identillect Technologies provide a user-friendly secure email solution to protect critical information, with an emphasis on simplicity.

KLDiscovery

KLDiscovery

KLDiscovery is a global leader in delivering best-in-class eDiscovery, information governance and data recovery solutions.

Cyber Security Raad (CSR) - Netherlands

Cyber Security Raad (CSR) - Netherlands

The Cyber Security Council (CSR) is a national, independent advisory body of the Dutch government undertaking efforts at strategic level to bolster cyber security in the Netherlands.

NITA Uganda (NITA-U)

NITA Uganda (NITA-U)

NITA-U has put in place the Information security framework to provide Uganda with the necessary process, policies, standards and guideline to help in Information Assurance.

A-LIGN

A-LIGN

A-LIGN is a technology-enabled security and compliance partner trusted by more than 2,500 global organizations to mitigate cybersecurity risks.

GreenWorld Technologies

GreenWorld Technologies

GreenWorld has a proven track record in industry leading IT asset management, secure data destruction and remarketing.

Enterprise Ethereum Alliance (EEA)

Enterprise Ethereum Alliance (EEA)

EEA is a member-led industry organization whose objective is to drive the use of Ethereum blockchain technology as an open-standard to empower ALL enterprises.

Senteon

Senteon

Senteon is a turnkey cybersecurity platform designed to make securing confidential data affordable, understandable, and streamlined for small-to-mid sized businesses and MSPs.

Toka Group

Toka Group

Toka empowers government agencies with critical and previously out-of-reach digital forensics, force protection and Intelligence capabilities, tackling the fields' most pressing challenges.

Labaton Sucharow

Labaton Sucharow

Standing on the horizon of law and technology, our Cybersecurity and Data Privacy Practice helps to protect consumers who have been harmed by businesses’ failures to safeguard their customers' data.

PureSoftware

PureSoftware

PureSoftware is a global software products and digital services company that is driving transformation for the world’s top organizations across various industry verticals.

Opkalla

Opkalla

We started Opkalla because we believe IT professionals deserve better. We help our clients navigate the confusion in the marketplace and choose the solution that is right for your business.

Viatel Technology Group

Viatel Technology Group

Viatel Technology Group is a complete digital services provider. We have over 26 years’ experience delivering fully managed security, networking, cloud and communications services.

M7 Services

M7 Services

M7 Services are a comprehensive Managed Services Provider (MSP) with a focus on delivering cutting-edge information technology solutions and unparalleled customer service.