The Rippleshot Data Breach Blog

Walking A Tight Rope Between Cybersecurity and Foreign Affairs - China

Written by Zach Walker | Oct 7, 2015 3:35:33 PM


Welcome to the second part of our blog series on cybersecurity and foreign affairs. Last week, we covered the recent data breaches and security incidents involving Russian-based hackers that have targeted organizations here in the United States, including the Internal Revenue Service (IRS) and the White House. 

This week, we shift our focus from Russia to the People’s Republic of China. In the last 12 months, we’ve seen security incidents like the data breach involving the Office of Personnel Management (OPM) severely impact how the U.S. government interacts with other sovereign nations.

A Cybersecurity Showdown Behind The Curtains

Back in August, the University of Connecticut announced that it had been the victim of a data breach, exposing the personal information of an unknown number of individuals. A network intrusion had occurred at the university’s school of engineering in March of 2015. The breach went on for nearly a year and a half, requiring a forensic investigation to be conducted by the university and Dell SecureWorks.

After the investigation was completed, the University of Connecticut identified that the security breach originated in China. University officials believe that the true target of the attack was the sensitive information pertaining to roughly 200 research sponsors, mainly in the government and private sectors. According to a secret National Security Agency (NSA) map that was obtained by NBC News, nearly 700 companies and government agencies have been victims of cyberattacks originating in China over the past five years.

The OPM Data Breach

The Office of Personnel Management’s (OPM) data breach has been covered in great detail over the past few months. In July of 2014, OPM began an investigation into its computer networks, discovering a breach that would impact up to 21.5 million individuals and federal employees. Up to 5.6 million fingerprints were also stolen in the breach, compromising the security credentials of millions of federal employees. At this time, it is still unclear exactly who is behind the OPM data breach, but all signs point to a group of Chinese hackers with potential ties to the Chinese government.

CrowdStrike, a security company based out of California, believes that a hacking group dubbed DEEP PANDA is responsible for the attack. At the same time, FireEye believes they have identified a different group of Chinese hackers responsible for the OPM breach, whose main goal is to steal personally identifiable information (PII). As members of Congress and the Senate continue to gather information surrounding the breach, the ramifications of the breach are already being seen.

The Washington Post is reporting that a number of officers from the Central Intelligence Agency (CIA) have been pulled from the U.S. embassy in China over fears related to the OPM breach. Although CIA employee records were not included in the OPM breach, CIA officials are concerned that their officers’ names would not appear in the personnel files stolen from the State Department.

President Xi Jinping's Historical Visit

As we continue to evaluate the impact of the Office of Personnel Management’s data breach, those close to the investigation have stated that the individuals responsible for the hack have ties to the Chinese government. This report came out less than a month before President Xi Jinping of China made his first visit to the U.S. to meet with President Obama. The two leaders planned to discuss global topics such as climate change, Iran and its nuclear program and global cybersecurity standards. There were even reports that the Obama administration was drafting potential sanctions to punish China and other nations that continue to target U.S. businesses and government agencies prior to the meeting.

After President Obama hosted President Xi Jinping for a two-day State visit, the Obama administration outlined the cybersecurity issues that the two leaders discussed. One of the key takeaways from their discussion was that both sides have committed to identifying a standard when dealing with cyberspace in an international setting, and will establish a platform that will promote dialogue between the two nations. Both countries have also agreed to not engage in cyber economic espionage that would target leading businesses in China and here in the United States.

It has been just over a week since President Xi Jinping came to visit the United States for the first time as president of China, but the true test will be whether each country stands behind its commitment to promoting a less hostile environment in cyberspace.

If you missed the first part of our series on cybersecurity and foreign affairs regarding the U.S. and Russia and would like to learn more, click here.
