Alleged OPM breach hackers arrested by Chinese government

Hackers arrested by the Chinese government are allegedly the criminals behind the OPM breach, but experts want more evidence before trusting China.

The Chinese government claimed the hackers responsible for the OPM breach were arrested in September, before a meeting between Chinese President Xi Jinping and U.S. President Barack Obama, at which an antihacking agreement was reached between the two nations.

Despite a recent report by China's official Xinhua news agency alleging the OPM breach was a criminal case and not state-sponsored, it remained unclear whether the hackers arrested had connections to the Chinese government.

The OPM breach occurred in two waves. The first attack took place in December 2014, and affected 4.2 million background-investigation applications. The second attack was detected in April 2015, and affected an additional 21.5 million records.

The FBI blamed China-based hackers from the start, though it has never been clear if the hackers were connected to the Chinese government or not. And experts said the Chinese government needs to release more details on the arrests.

Adam Meyer, chief security strategist for SurfWatch Labs Inc., in Sterling, Va., noted that there is still no evidence to prove the hackers arrested are those responsible for the attack.

"It's hard to not think, at first glance, that the individuals arrested are simply fall guys to show some level of good faith on China's part to address the issue," Meyer said. "Let's not forget that an arrest does not mean a conviction, and so far, it appears that the Chinese government is keeping the details of the case rather close. There could be several reasons for this, but it's likely that they do not want too many details coming out, because it would either expose government affiliations, or expose that the individuals charged didn't actually have the means to pull off the attacks if they were just fall guys."

Daren Glenister, field CTO at Intralinks Inc., based in New York, said it was suspicious that the announcement came just before another round of talks between China's Public Security Minister Guo Shengkun, U.S. Secretary of Homeland Security Jeh Johnson and Attorney General Loretta Lynch, at which the U.S. and China agreed to take more steps in fighting cybercrime.

"There is no evidence that this is a sign of cooperation -- maybe I am cynical, but when announcements like this happen around a public meeting, it appears to be more staged than reality," Glenister said. "If there is true cooperation, then we should expect to see a series of arrests and exposure of cybercriminals over the coming weeks, rather than a single political act."

Glenister said the history between the U.S. and China makes the news sound more like political theater.

"Both governments have been hacking each other for years. Today, we call it hacking, but in the past, it was called spying," Glenister said. "Today, the spying arena has moved from the 'James Bond era' to cyberterrorism or cyberthreat mitigation. By announcing these arrests, both governments have the ability to tell the world that they do not sanction cyberespionage, while continuing to attack each other behind the scenes."

Meyer was slightly more optimistic about taking this as a sign of better relations between the U.S. and China.

"It does signal some kind of forward progress on the issue, but I still think much more needs to be done before there is even a fraction of trust to be had," Meyer said. "Let's also not forget that even with the ceremony of handshakes, phone calls and criminal proceedings, the data is still lost and that impact remains. Whether the attack was state-sponsored or not, they still have the data and they will use it."

The Department of Homeland Security refused to comment on the news.


Join the conversation

5 comments


Do you trust the Chinese government that the hackers arrested are responsible for the OPM breach?

I do not trust any Communist regime, especially China, Vietnam and Cuba. They are good at controlling media and covering up. We need to see what they are doing rather than listen to what they say.

I may not have reason to trust China, but I have little reason to presume the spinning this article is doing either. We may never know the truth.

Seems we're back to a policy of Duck & Cover. Didn't work then, won't work now. No matter the agreements, no matter the sham arrests, the Chinese government has a long history of cyber prying and data theft. Of course most other governments do too, but that's another story, isn't it...?

I do not trust them any more than they trust us. It's all about image and how it's presented to the rest of the world for them to be the judge.