Combatting the threat of state-sponsored hacking

A massive cyberattack against the U.S. government may have compromised the personal information of as many as 14 million people -- possibly every single current or retired employee of the federal government, and up to one million former employees. Social Security numbers, security clearances, foreign contacts and other sensitive data may have been included.

Though the U.S. has not officially pointed the finger at China, many experts and politicians believe the Chinese government likely was behind the attack on the Office of Personnel Management (OPM), the federal government's human resources department.

House Homeland Security Committee Chairman Michael McCaul, R-Texas, said as much on CBS' "Face the Nation," and called the hack "the most significant breach of federal networks in U.S. history."

Beyond exposing individuals' private data, the attack highlights the pervasive threat to national security posed by state-sponsored hackers.

Of all the facets of cybersecurity, "the problem that is the most daunting is the state-funded attacks," Michael DeCesare, CEO of network security company ForeScout, told CBS News.

Without commenting specifically on the likelihood of China's involvement in the OPM breach, DeCesare said that while it's often unclear whether perpetrators of cyber crimes were individuals, governments or individuals contracted by governments, the scope of certain major attacks suggests a large and well-financed backer.

"If something came from Russia, as an example, it's difficult to know if it was the Russian government or just a group inside of Russia," he said. "But when you look at the technological sophistication of the malware -- the millions of lines of code that go into a piece of malware that comes after a company -- it's hard to imagine that could be generated by anybody except a state-funded attack."

It is known that the Chinese have been attacking both government and private systems in the U.S. for years, "trying to compile as much data as possible," according to CBS News Senior National Security Analyst Juan Zarate.

China denied accusations it was responsible for the Anthem health insurance company hack in February that compromised the personal records of 80 million people.

"The reality is the Chinese government, though they deny it, have been engaged in official hacking and parastatal hacking using non-state hackers and individuals to get into systems and to exfiltrate data," Zarate said.

What's particularly scary is that we don't know what they're doing with the data. On the more benign end of the spectrum, said Zarate, stolen data could be used for economic espionage -- mining research and development files for a leg up in the global marketplace. On the other end: espionage, extortion, or plots to find and exploit U.S. vulnerabilities.

And there are myriad access points to get in and start gathering digital fodder.

"It's asynchronous warfare," DeCesare said. "The good guys need to protect everything that's online. The bad guys just need to find one way in."

That could be through familiar avenues like computers or web-connected phones, or through any number of other networked devices, including printers, even a building's HVAC system. "Everything is on the network, and every one of those becomes an attack vector," he said.

"The U.S. government needs to step up, corporations need to step up, and security companies need to step up, and we have to figure out how to combine resources to go up against a technically sophisticated adversary."

Obviously, it's important to fortify computer networks to try to block or at least more quickly detect data breaches, but tackling the bigger problem of nation-state hacking will require diplomatic as well as digital efforts.

Important steps have been taken so far, including the indictment last May of five Chinese military hackers accused of stealing trade secrets, and President Obama's executive order in April allowing the use of financial sanctions against those who perpetrate or benefit economically from hacking.

"China continues to engage in these activities," Zarate said, "and we need to demonstrate that we can bite back and we're willing to push back."
