In early June, the Department of Homeland Security’s Office of Personnel Management (OPM) announced that China is the likely suspect in a massive Interior Department security breach. Nearly four million federal employees, both current and former, had their records exposed. The OPM is ultimately the human resources arm of the US government and is in charge of carrying out clearance checks. According to Bloomberg, cybercriminals targeted individual data on people who sought clearances. “Other data” was also breached. During the same week, Japan’s government was also breached, which came right on the heels of the US’ announcement that America would contribute to support cybersecurity in Japan. Analysts are quick to point out that these two hacks could be a coincidence, at least until further evidence is gathered, but the majority of experts agree the US attack is likely tied to recent hacks at Premera and Anthem.
Bloomberg spoke with an iSight Partners member, John Hultquist, who says, “Forensic evidence indicates that the group of hackers responsible for the US government breach announced Thursday likely carried out attacks on health insurance providers Anthem Inc. and Premera Blue Cross that were reported earlier this year.” iSight is a cyber intelligence organization that works closely with investigators during such major federal attacks. There’s also an anonymous source which has spoken with media outlets claiming that China is targeting healthcare data to get leverage for “bribery, blackmail, entrapment and other traditional espionage tools.”
Is There a Doctor in the House?
Still other experts claim that medical data is a current hot commodity for hackers because it can lead to big rewards. The cofounder of ID Experts, Rick Kam, told Forbes, “An electronic healthcare record on the black market is worth somewhere between $60 and $70…compared to a Social Security number that’s worth 50 cents to a dollar. There’s a really significant difference in value on the black market.” It’s too soon to tell if any of these attacks—Anthem, Premera or the federal attack—has been sold, used or further compromised. However, some hackers are patient and can wait months before actually acting on such data. It can take even longer to discover that it’s been used.
Reuters spoke with a law enforcement officer about the breach, who says, “A ‘foreign entity or government’ was believed to be behind the cyber attack.” Currently, the incident is under investigation, but the Chinese government is keeping quiet. However, the Chinese Foreign Ministry spokesperson has said, “Such accusations had been frequent of late and were irresponsible.” Thus far, The Huffington Post, The New York Times and Washington Post have all released a statement that they believe China is the hacker.
Let the Finger Pointing Commence
According to Sen. Susan Collins, Rep. of Maine and a member of the Senate intelligence committee, “The hackers were believed to be based in China…the breach was yet another indication of a foreign power probing successfully and focusing on what appears to be data that would identify people with security clearances.” It’s possible that such an attack could ultimately impact every US federal agency.
It’s estimated by The Whir that such breaches are going to cost $2.1 trillion in the next four years. President Obama has made some efforts with the $14 billion dollar cybersecurity budget slated for 2016, sanctions on cyber attackers and executive orders to create a cyber-threat center, but it may not be enough to keep all criminals at bay.