OPM Hack Was Criminal - Not China Government Sponsored

China's official Xinhua news agency said recently that an investigation into a massive US computer breach last year that affected more than 22 million federal workers found the hacking attack was criminal, not state-sponsored.

In an article about a meeting between top US and Chinese officials on cyber security issues held in Washington, Xinhua said the breach at the United States Office of Personnel Management (OPM) was among the cases discussed.

The report did not give details of who conducted the investigation, or whether, the US and Chinese officials, both agreed with the conclusion.

OPM has been under scrutiny from lawmakers and the public ever since it disclosed earlier this year that it had fallen victim to two cyber attacks, which officials have privately linked to Chinese hackers.

The intrusions exposed sensitive personal information, including names, Social Security numbers and addresses of more than 22 million current and former federal employees and contractors, in addition to 5.6 million fingerprints.

Top US and Chinese officials convened in Washington for the first round of cyber security talks following the signing of a bilateral anti-hacking accord in September. Talks recently were seen as potentially significant in establishing acceptable norms for cyber espionage.

China and the US reached a broad agreement on the joint fight against cyber crimes, and will set up a hotline for these issues, according to Xinhua and CCTV, China's state-operated national broadcaster.

CCTV said a spokesperson for the Department of Homeland Security declined to comment on any agreement. The next meeting is scheduled for next June, Xinhua said.

Along with the OPM hack, officials from the two countries identified other cases to work on, reached further consensus on fighting cyber terrorism and agreed on programs to boost the fight against cyber crimes, Xinhua said, without giving further details.

It also marks an ongoing effort to repair bilateral relations after China withdrew from a working group last year in response to the US indictment of five members of its military on charges it hacked six US companies.

Reuters

 

 

« Five Cyber Security Predictions for 2016
IoT Turns Cities Into Cyber Battlegrounds »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

National Cyber Security Centre (NCSC) - Norway

National Cyber Security Centre (NCSC) - Norway

NCSC is part of the Norwegian Security Authority, and is Norway's national cyber security hub and the national CERT.

ManTech International

ManTech International

ManTech provides comprehensive, integrated cyber security support, which includes computer and network design, implementation, and operations.

MetaFlows

MetaFlows

MetaFlows’ SaaS malware detection & prevention software passively analyzes the behavior and the content of Internet traffic.

CSIRT Malta

CSIRT Malta

CSIRT Malta supports critical infrastructure organisations in Malta on how to protect their information infrastructure assets and systems from cyber threats and incidents.

Industrial Cyber-Physical Systems Center (iCyPhy)

Industrial Cyber-Physical Systems Center (iCyPhy)

The goal of iCyPhy is to conduct pre-competitive research on architectures and design, modeling, and analysis techniques for cyber-physical systems.

IoT European Research Cluster (IERC)

IoT European Research Cluster (IERC)

IERC brings together EU-funded projects with the aim of defining a common vision for IoT technology and development research challenges.

VKANSEE

VKANSEE

VKANSEE offer the world's thinnest optical fingerprint sensor for mobile device protection.

e-Lock

e-Lock

e-Lock services include IT security consulting and training, security systems integration, managed security and technical support.

CyPhyCon

CyPhyCon

CyPhyCon is an annual event exploring threats and solutions to cyber attacks on cyber-physical systems such as industrial control systems, Internet of Things and Industrial Internet of Things.

Macomb-OU Incubator

Macomb-OU Incubator

Macomb-Oakland University Incubator supports startup and emerging companies in the niche industries of defense, homeland security, advanced manufacturing and technology.

Institute for Security and Technology (IST)

Institute for Security and Technology (IST)

The Institute for Security and Technology's goal is to provide the tools and insights needed for companies and governments to outpace emerging global security threats.

Mobileum

Mobileum

Mobileum is a leading provider of Telecom analytics for roaming, security and risk management and end-to-end domestic and roaming testing solutions.

ST Engineering Antycip

ST Engineering Antycip

ST Engineering Antycip (formerly Antycip Simulation) is Europe’s leading provider of professional grade COTS simulation software, projection & display systems, and related engineering services.

Bytes Technology Group

Bytes Technology Group

Bytes is a leading provider of world-class IT solutions. Our growing portfolio of services includes cloud, security, licensing, SAM, storage, virtualisation and managed services.

DESCERT

DESCERT

DESCERT offers you an extended IT, cyber security, risk advisory & compliance audit team which provides strategic guidance, engineering and audit services.

Radiant Security

Radiant Security

Radiant Security offers an AI-powered security co-pilot for Security Operations Centers (SOCs). Reinforce your SOC with an AI assistant.