Chinese hackers try to access info on federal employees getting security clearances

e-qip

Hat tip to Mary Beth

(New York Times) Chinese hackers in March broke into the computer networks of the United States government agency that houses the personal information of all federal employees, according to senior American officials.

They appeared to be targeting the files on tens of thousands of employees who have applied for top-secret security clearances.

The hackers gained access to some of the databases of the Office of Personnel Management before the federal authorities detected the threat and blocked them from the network, according to the officials.

It is not yet clear how far the hackers penetrated the agency’s systems, in which applicants for security clearances list their foreign contacts, previous jobs and personal information like past drug use. . . .

. . . . American officials say the attack on the Office of Personnel Management was notable because while hackers try to breach United States government servers nearly every day, they rarely succeed.

One of the last attacks the government acknowledged occurred last year at the Department of Energy. In that case, hackers successfully made off with employee and contractors’ personal data.

The agency was forced to reveal the attack because state disclosure laws force entities to report breaches in cases where personally identifiable information is compromised.

Government agencies do not have to disclose breaches in which sensitive government secrets, but no personally identifiable information, has been stolen.

Just a month ago, the Justice Department indicted a group of Chinese hackers who work for the People’s Liberation Army Unit 61398, and charged them with stealing corporate secrets.

The same unit, and others linked to the P.L.A., have been accused in the past of intrusions into United States government computer systems, including in the office of the secretary of defense.

But private security researchers say the indictments have hardly deterred the People’s Liberation Army from hacking foreign targets, and American officials are increasingly concerned that they have failed in their effort to deter computer attacks from China or elsewhere.

“There’s no price to pay for the Chinese,” one senior intelligence official said recently, “and nothing will change until that changes.” . . .

. . . The intrusion at the Office of Personnel Management was particularly disturbing because it oversees a system called e-QIP, in which federal employees applying for security clearances enter their most personal information, including financial data.

Federal employees who have had security clearances for some time are often required to update their personal information through the website.

The agencies and the contractors use the information from e-QIP to investigate the employees and ultimately determine whether they should be granted security clearances, or have them updated.

A representative of the Office of Personnel Management said that monitoring systems at the Department of Homeland Security and the agency office allowed them to be “alerted to a potential intrusion of our network in mid-March.” . . . (read more)

Testimonials
CI/SECURITY ARTICLES
Threats are Out There