This article is from the source 'nytimes'.

You can find the current article at its original source at http://www.nytimes.com/2014/07/16/world/asia/chinese-hackers-extend-reach-in-us-government.html

Chinese Hackers Extending Reach to Smaller U.S. Agencies, Officials Say
WASHINGTON — After years of cyberattacks on the networks of high-profile government targets like the Pentagon, Chinese hackers appear to have turned their attention to far more obscure federal agencies.
Law enforcement and cybersecurity analysts in March detected intrusions on the computer networks of the Government Printing Office and the Government Accountability Office, senior American officials said this week.
The printing office catalogs and publishes information for the White House, Congress and many federal departments and agencies. It also prints passports for the State Department. The accountability office, known as the congressional watchdog, investigates federal spending and the effectiveness of government programs.
The attacks occurred around the same time Chinese hackers breached the networks of the Office of Personnel Management, which houses the personal information of all federal employees and more detailed information on tens of thousands of employees who have applied for top-secret security clearances.
Some of those networks were so out of date that the hackers seemed confused about how to navigate them, officials said. But the intrusions puzzled American officials because hackers have usually targeted offices that have far more classified information.
It is not clear whether the hackers were operating on behalf of the Chinese government. But the sophisticated nature of the attacks has led some American officials to believe that the government, which often conducts cyberattacks through the military or proxies, played a role.
Shawn Henry, an executive at the cybersecurity company CrowdStrike and a former top F.B.I. cybersecurity official, said the attacks were “indicative of a state-run intelligence agency” because that is one of the few groups that would want such information.
Mr. Henry said that foreign intelligence agencies spent a fair amount of time trying to break into heavily protected networks with troves of secret information. But hackers will also open the doors of obscure agencies just to see what they may have.
“Along the way you’re going to shake a lot of doorknobs,” he said. “You may not spend a lot of time in that place, but if the door is unlocked, why not look in?”
Government networks are attacked nearly every day, but the intruders are rarely successful. The breaches in March were significant enough that F.B.I. agents in Washington have opened an investigation into the attacks, which the agents say they believe are connected.
James A. Lewis, a cybersecurity expert at the Center for Strategic and International Studies, said that it made sense for foreign hackers to target the networks of the accountability office and the personnel office, but that the printing office was curious.
“G.A.O. looks at military, intelligence and economic programs, and you would want to see the information they have that hasn’t been made public, like their notes,” he said. “O.P.M. has all the information on security clearances, and who is applying for them.”
“But was G.P.O. a mistake?” Mr. Lewis said. “Is it just them not understanding how things work or not understanding what it stands for? They could have found a way in, and these were the agencies that came up. This is some guy sitting in an office in China who doesn’t have a sophisticated understanding of how the U.S. government works and doesn’t have a lot of direction.”
The attacks occurred at a time when cybersecurity disputes between the United States and China have grown more contentious, with each side accusing the other of unethical, if not criminal, behavior.
In May, the Justice Department unsealed an indictment that charged five hackers who worked for the People’s Liberation Army with stealing corporate secrets, in an attempt to deter the Chinese from attacks on American corporations.
The Chinese have countered by saying that the Obama administration was hypocritical. Citing disclosures from Edward J. Snowden, the former National Security Agency contractor, China said the N.S.A. had gone deep into the computer systems of Huawei, a Chinese company that makes computer network equipment, and had spied on Chinese military and political leaders.
The accountability office and the printing office said in statements that the hackers had not been able to get their hands on any personal identification information.
But the accountability office said that it had been forced to remove several servers that had been infected in the attacks, and that it had taken “additional steps to strengthen the security” of its system. With help from the Department of Homeland Security and outside specialists, the agency said it analyzed “the extent of the malware” that was embedded during the attacks and eradicated it.
The agency said in the statement that it had scanned all of its servers and work stations and had found no evidence “that any audit records, federal agency records or personally identifiable information” had been removed.
“In fact,” it added, “servers with information on our audit work and report drafts did not have malware, and classified and other sensitive data work stations are not connected to our network.”
The accountability office played down the significance of the attack on its system, saying “this effort to gain access” was not surprising because federal agencies reported 9,883 malware attacks in the 2013 fiscal year.
Mr. Lewis said he believed that the office’s release of the figure on the number of malware attacks on federal agencies was one of the first times the federal government had disclosed such information. That number is difficult to assess, he said, because it is unclear how many of those attacks resulted in intrusions.
The accountability office declined to say how often it sustained such attacks, and cybersecurity experts said that only some malware attacks led to an F.B.I. investigation.
“We’re not going to get into a history of how many times we have or have not been attacked,” said Charles Young, a spokesman for the agency.
The printing office said only that it had recently been “notified of a potential intrusion of our network,” adding that it had “responded immediately to mitigate risks and ensure the security of our systems.”
Because labor is inexpensive in China, there are many hackers. They often break into whatever they can and move on to their next target if they do not find anything that interests them.
“Everyone moans about the N.S.A., but people don’t realize the Chinese are doing the same things to us,” Mr. Lewis said.