President Barack Obama says the United States is going to have to be much more aggressive when it comes to cybersecurity, but he refused to say who he believes is behind the massive hacking of U.S. government computers revealed last week.
Obama was questioned about the data breach at a news conference Monday at the end of the G7 summit in Germany.
On Sunday, the chairman of the House of Representatives Homeland Security Committee, Congressman Michael McCaul, said “threat indicators” point to China being responsible for the hacking of U.S. government computers revealed last week.
McCaul, appearing on U.S. television Sunday, said the hacking of computer systems at the Office of Personnel Management (OPM) involving the records of up to four million current and former federal employees is the most significant breach of federal networks in U.S. history.
"We look at the threat indicators. Who has the motive and intent to steal this data? This is a huge data-mining project and it targets political appointees in the federal government and federal employees, four million of them. In my judgment, this was an attack by China against the United States government. It quantifies to espionage," said McCaul.
McCaul said the source of the attack, discovered in April and made public last Thursday, has not yet been confirmed, but the way it was carried out suggests to him the Chinese government was involved.
"It was not done to steal credit card information and that kind of theft. It was done to get personal information on political appointees in the federal government and federal employees to exploit them so that later, down the road, they can use that for espionage to either recruit spies or compromise individuals in the federal government," he said.
Referring to the breach earlier this year of tens of millions of personal files at the Anthem health insurance company, McCaul said the attack on OPM came from the same source in China.
China has called the accusation irresponsible and unscientific. An editorial published Monday in the state-controlled Global Times daily newspaper characterized the hacker issue as a "stick with which the United States readily beats China," but one that the U.S. "is never able to provide concrete evidence."
A Chinese foreign ministry spokesman has said such attacks are generally anonymous and their origins are hard to trace.
Appearing on a separate program Sunday, Congressman Adam Schiff, ranking member of the House Intelligence Committee, said there are only two possibilities regarding such a sophisticated attack.
"Either a state actor or a group of very sophisticated private hackers who often work in concert with the state and the motivation is either going to be fraud in terms of ripping off peoples’ identity or, if it’s a state-sponsored attack, it will be personal information that can be exploited to identify people who might be working in the intelligence community, and the real challenge, I think, is that in this age of asymmetric cyber-warfare those on the offense have all the advantage. It’s very expensive to defend. You just need one open door and you’re vulnerable, and you can often attack with anonymity and be free of repercussions. And, I think one of the big things we have to do, in addition to our defense, is figure out when we’re going to go on offense and how we’re going to provide a deterrent to future attacks," said Schiff.
White House spokesman Josh Earnest, during the Group of Seven summit in Germany, said the investigation into the OPM hacking by the Federal Bureau of Investigation continues.
"The identities of the individuals and the motives of those who carried out this intrusion are still the subject of this ongoing investigation. So, I don’t want to say anything that would get ahead that ongoing investigation," said Earnest.
China analyst Scott Kennedy of the Washington-based Centers for Strategic and International Studies said he is suspicious of Chinese involvement given their recent statements do not include a clear denial. Kennedy describes the bilateral relationship as complex, but cautions that distrust is on the rise.
"We can address day-to-day issues trade, commercial issues, some types of security issues, even Iran, but on the sensitive issues, basically both sides seem to be dug in and Xi Jinping and the leadership in China, I think, is testing the Obama Administration given that’s in its last year and a half. They’re trying to push to see how much they can get without getting significant pushback from the United States," said Kennedy.
Kennedy said that if it is determined the attack emanated from China, it is of such magnitude and sophistication that it could not have been the work of rogue Chinese hackers alone.
Cybersecurity analyst Ria Baldevia, a non-resident fellow at the Hawaii-based Pacific Forum, said the latest hacking incident is not only a serious national security issue, and that the stealing of millions of people’s identities has made them vulnerable to identity theft.
The United States and China are scheduled to hold their latest round of strategic and economic dialogue in two weeks in Washington.
