This article is from the source 'nytimes' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at http://www.nytimes.com/2014/07/16/world/asia/chinese-hackers-extend-reach-in-us-government.html

The article has changed 6 times.

Version 0 compared with Version 1 (34 minutes later)
Chinese Hackers Extend Reach to Smaller U.S. Agencies, Officials Say
WASHINGTON — After years of cyberattacks on the networks of high-profile government targets like the Pentagon, Chinese hackers appear to have turned their attention to far more obscure federal agencies.
Law enforcement and cybersecurity analysts in March detected intrusions on the computer networks of the Government Printing Office and the Government Accountability Office, senior American officials said this week.
The printing office catalogs and publishes information for the White House, Congress and many federal departments and agencies. It also prints passports for the State Department. The G.A.O. is known as the “congressional watchdog,” conducting investigations into how the federal government spends money and the effectiveness of its programs.
The attacks occurred around the same time Chinese hackers breached the networks of the Office of Personnel Management, which houses the personal information of all federal employees and more detailed information on tens of thousands of employees who have applied for top-secret security clearances.
Some of those networks were so out of date that the hackers seemed confused about how to navigate them, officials said. But intrusions puzzled American officials because hackers have traditionally targeted offices that have far more classified information.
It is not clear whether the hackers were operating on behalf of the Chinese government. But the sophisticated nature of the attacks has led some American officials to believe that the government, which often conducts cyberattacks through the military or proxies, played a role.
Shawn Henry, an executive at the cybersecurity company CrowdStrike and a former top F.B.I. cybersecurity official, said the attacks were “indicative of a state-run intelligence agency” because they are one of the few groups that would want such information.
Mr. Henry said that foreign intelligence agencies were going to spend a fair amount of time attempting to break into heavily protected networks with troves of sensitive information. But, hackers will also open doors of obscure agencies just to see what they may have.
“Along the way you’re going to shake a lot of doorknobs,” he said. “You may not spend a lot of time in that place, but if the door is unlocked why not look in?”
Government networks are attacked nearly every day, but the intruders are rarely successful. The breaches in March were significant enough that F.B.I. agents in Washington have opened an investigation into the attacks, which the agents say they believe are connected.
James A. Lewis, a cybersecurity expert at the Center for Strategic and International Studies, said it made sense for foreign hackers to target the networks of the accountability office and the personnel office, but the printing office was curious.
“G.A.O. looks at military, intelligence and economic programs and you would want to see the information they have that hasn’t been made public, like their notes,” he said. “O.P.M. has all the information on security clearances, and who is applying for them.”
“But, was G.P.O. a mistake? Is it just them not understanding how things work or not understanding what it stands for? They could have found a way in and these were the agencies that came up,” Mr. Lewis said. “This is some guy sitting in an office in China who doesn’t have a sophisticated understanding of how the U.S. government works and doesn’t have a lot of direction.”
The attacks occurred at a time when cybersecurity disputes between the United States and China have grown more contentious, with both sides accusing the other of unethical, if not criminal, behavior.
In May, the Justice Department unsealed an indictment that charged five hackers who worked for the People’s Liberation Army with stealing corporate secrets, in an attempt to deter the Chinese from attacks on American corporations.
The Chinese have countered by saying that the Obama administration was hypocritical. Citing disclosures from Edward J. Snowden, the former National Security Agency contractor, Beijing said the N.S.A. had gone deep into the computer systems of Huawei, a Chinese company that manufactures computer network equipment, and had spied on Chinese military and political leaders.
The G.A.O. and the printing office said in statements that the hackers had not been able to get their hands on any personal identification information.
But the G.A.O. said that it had been forced to remove several servers that had been infected in the attacks and that it had taken “additional steps to strengthen the security” of its system. With help from the Department of Homeland Security and outside specialists, the agency analyzed “the extent of the malware” that was embedded during the attacks and eradicated it, its statement said.
“The experts scanned the entire G.A.O. computer environment of servers and work stations and found no evidence that any audit records, federal agency records or personally identifiable information were comprised or removed from the G.A.O. environment,” the statement said.
“In fact,” it added, “servers with information on our audit work and report drafts did not have malware, and classified and other sensitive data work stations are not connected to our network.”
The G.A.O. played down the significance of the attack on its system, saying “this effort to gain access” to its system was not surprising in that federal agencies had reported 9,883 malware attacks in the fiscal year 2013.
Mr. Lewis said that he believed the figures provided by the G.A.O. about the number of malware attacks a year on federal agencies marked one of the first times the federal government had disclosed such information. It is difficult to assess that number, he said, because it is unclear how many of those attacks resulted in intrusions.
Version 0: The G.A.O. declined to say how often it sustained such attacks, and cybersecurity experts said that it was rare for a malware attack to lead to an F.B.I. investigation.
Version 1: The G.A.O. declined to say how often it sustained such attacks, and cybersecurity experts say that only some malware attacks lead to an F.B.I. investigation.
“We’re not going to get into a history of how many times we have or have not been attacked,” Charles Young, a spokesman for the agency, said.
The printing office would say only that it had recently been “notified of a potential intrusion of our network,” adding that it “responded immediately to mitigate risks and ensure the security of our systems.”
Because labor is inexpensive in China, there are many hackers. The hackers often break into whatever they can and move onto their next target if they do not find anything that interests them.
“Everyone moans about the N.S.A. but people don’t realize the Chinese are doing the same things to us,” Mr. Lewis said.