Chinese Hackers Penetrate US Federal Government Personnel Office Exposing Applicants For Top Secret Clearances
According to the New York Times, top government officials have stated that Chinese hackers penetrated US government networks in March, potentially gaining access to thousands of dossiers on exactly which US citizens have applied for and been granted Top Secret clearance. The federal government did succeed in blocking the attack, but it's not clear how much data the Chinese could have gained. In theory, they might have gotten specific records, including the previous jobs of various applicants, data on wives, children, and personal habits.
From the Times:
The intrusion at the Office of Personnel Management was particularly disturbing because it oversees a system called e-QIP, in which federal employees applying for security clearances enter their most personal information, including financial data. Federal employees who have had security clearances for some time are often required to update their personal information through the website.
The agencies and the contractors use the information from e-QIP to investigate the employees and ultimately determine whether they should be granted security clearances, or have them updated.
Of course, this disclosure has been timed to coincide with a visit by John Kerry as part of the annual Strategic and Economic Dialogue between the US and China. It comes as increased tensions in the Asia-Pacific region have both nations jockeying for power -- the United States has publicly warned China about its aggressive policies concerning the Senkaku Islands.
Cybersecurity issues and tensions are also running hot between the two nations; China is still angry over how Huawei was treated in the wake of the Snowden disclosures, while Cisco has warned that counterfeit routers coming out of China may be a fundamental risk to its own security and that of its customers. The US also issued high-profile indictments of multiple Chinese hackers earlier this year -- an action that was basically symbolic but nonetheless angered Chinese officials. Multiple attacks and attempted intrusions have been linked to specific Chinese hacker groups that often operate with the explicit authority and backing of the Chinese military.
The Obama Administration has defended its decision to keep the attack quiet until now, saying that it doesn't release details on every attack and has no reason to believe any personal information was actually taken. The decision actually makes sense if you view this as political theater -- the United States sat on embarrassing information about Chinese behavior until it had a chance to use that information to its diplomatic advantage. Whether this will become a more serious issue or be swept into the churn between our respective nations isn't clear at this point.