US Government Network Breached (Again)

State-sponsored Chinese hackers have broken into US government networks again.

Last year, Chinese hackers broke into the computer system of the United States Office of Personnel Management (OPM). Their target: the files of tens of thousands of federal employees who had applied for Top Secret security clearances.

Now, despite an “aggressive” upgrade of its security after last year’s breach, the OPM has again been breached by Chinese hackers.

This time, the intrusion was far larger. About four million current and former employees of the US government had their information compromised.

According to the Washington Post, US officials have said the hackers were state-sponsored. Some commentators have wondered why the Chinese government would want personal information on US federal employees, but the answer isn’t hard to figure out.

These personnel files will help the attackers craft further attacks and install malware on US computer networks. As the Post article notes, “The personal information exposed could be useful in crafting ‘spear-phishing’ e-mails, which are designed to fool recipients into opening a link or an attachment so that the hacker can gain access to computer systems.” A phishing message that correctly cites a target’s job title, office and colleagues is far harder to recognise than a generic one, which is exactly what this kind of data enables.

The recent string of successful foreign attacks reflects very poorly on the security of US networks. For example, in 2014, Russia successfully broke into US government email systems, including those of the US State Department and the Executive Office of the President.

But this second attack on the OPM is especially embarrassing. Donna Seymour, the agency’s CIO, told the Post that after the OPM was breached in 2014 the agency implemented “an aggressive effort to update our cybersecurity posture, adding numerous tools and capabilities to our networks.”

She then tried to put a positive spin on this incident by explaining that, “As a result of adding these tools, we were able to detect this intrusion into our networks.”

Notice what happened here. Despite the OPM’s “aggressive effort” to update their security, and all the “numerous tools and capabilities” they added, they still couldn’t keep the Chinese hackers out of their networks.

All that the “updated posture” did was enable the OPM to notice that they had been hacked… four months after it happened.

(The attacks occurred in December 2014. The OPM didn’t notice them until April 2015.)

This incident shows once again how difficult it is to implement effective security via traditional solutions (such as security appliances). Such tools may raise an alert once an intruder is already inside, but they did not stop the intrusion: here, the Chinese attackers were able to hack into systems that had been hardened specifically against them.

Quite often, if attackers can reach your network at all, they’ll eventually find a way to break in.

A far better approach is to prevent them from getting to your network in the first place.

