Congressman: China exploiting hacked data from 23 million federal employees

by WorldTribune Staff, April 14, 2019

In 2014, Chinese hackers obtained the personnel records of 23 million U.S. federal workers in cyberattacks on the Office of Personnel Management (OPM).

The Chinese government of supreme leader Xi Jinping is gleaning valuable information from the stolen records, said Rep. Chris Stewart, Utah Republican and member of the House Select Committee on Intelligence.

Chinese hackers breached OPM’s computers on two occasions in 2014. / Wikimedia Commons

“They can run through those 23 million names in a heartbeat and connect dots in a heartbeat,” Stewart said during remarks to a meeting of the Committee on the Present Danger: China. “Have we seen evidence that they’ve done that? Absolutely.”

The OPM holds federal government personnel records, including social security numbers and documents known as SF-86s that contain personal information about people who apply for security clearances.

Stewart declined to provide further details, security correspondent Bill Gertz noted in an April 11 report for the Washington Free Beacon.

“The OPM hack was considered one of the most damaging breaches of personnel security for the U.S. government ever,” Gertz noted.

President Donald Trump is moving to eliminate the OPM and shift its responsibilities to three other departments, The Washington Post reported on April 10. If Trump’s administration is successful, the OPM would be the first federal department eliminated since World War II.

The cyberattack on the OPM took place in 2014 but was not discovered until June 2015. The Obama administration kept China’s role in the attack secret.

The first official confirmation that China’s government carried out the cyberattack was made in September by national security adviser John Bolton.

Gertz noted that “The federal government sent notices to the millions of security clearance holders notifying them of the compromise of their personal data. The loss of the sensitive clearance records also includes information on the relatives of security clearance applicants because details about an applicant’s offspring are part of the application process.”

According to a congressional report, the cyberattacks on the OPM were carried out in two hacking operations. The first was on March 20, 2014, and the second on May 7, 2014, when the hackers were disguised as employees of KeyPoint Government Solutions, a subcontractor.

A Chinese national, Yu Pingan, pleaded guilty in February to conspiracy in the hacking of several American companies and was ordered to pay more than $1 million in restitution to Qualcomm, Pacific Scientific, and Riot Games, for his use of a hacking tool called Sakula, Gertz reported.

Sakula was the same malware used by the Chinese in carrying out the OPM hack, although Yu was not linked to the OPM operation.

Ed Timperlake, a former Pentagon official, said the OPM breach was the result of poor computer security. But he also said because China stole sensitive information contained in the SF-86 documents, there should be U.S. retaliation.

“China picked a fight with over 20 million Americans by going at them personally,” Timperlake said. “They came after our most personal information.”

Timperlake said the U.S. government could conduct clandestine hacking or other electronic operations to destroy the stolen OPM records inside China’s networks used by security and intelligence services.

The Chinese military’s Third Department of the General Staff, known as 3PLA, is believed to have been the agency that carried out the attacks. Other reports have said the Ministry of State Security, the civilian intelligence service, carried out the cyber operation.

Another option, Timperlake said, would be to take asymmetric action and conduct destructive cyberattacks on the Chinese intelligence agencies behind the OPM breach, with the goal of damaging the infrastructure and systems used for China’s cyberattacks.

The United States could also conduct personal cyberattacks on Chinese government and Communist Party officials that were linked to the attacks.

“We need to go right back at them,” Timperlake said.

Stewart, the Intelligence Committee member, said he met recently with Xi and asked him whether the United States and China were headed for a conflict. Xi told the congressmen he did not believe the two states are headed for war.

During a more recent meeting with the Chinese leader, Stewart said Xi’s answer to whether a conflict was inevitable was “we will see.”

“That’s a different response. His confidence level is not the same right now as it was five years ago and he views an open lane for him and we have to close that lane as best we can,” Stewart said.

“Look, I don’t want to go to war with China. I have no quarrel with the Chinese people,” he added. “But at the same time I recognize that our governments have a very different view of human rights and the potential for life, liberty and the pursuit of happiness and we have to be willing to defend that.”

Stewart said China is not seeking to be a peer competitor. Instead, Beijing wants to dominate the United States.

“That is their intention to be the dominant power politically, militarily, diplomatically, economically, and other areas as well,” he said. “And they are moving methodically toward that goal.”

Your Intel Brief: Geostrategy-Direct __________ Fix The Media Now