Ellen Nakashima: With a Series of Major Hacks, China Builds a Database on Americans
Posted: June 5, 2015
China hacked into the federal government’s network, compromising four million current and former employees
Ellen Nakashima reports: China is building massive databases of Americans’ personal information by hacking government agencies and U.S. health-care companies, using a high-tech tactic to achieve an age-old goal of espionage: recruiting spies or gaining more information on an adversary, U.S. officials and analysts say.
Groups of hackers working for the Chinese government have compromised the networks of the Office of Personnel Management, which holds data on millions of current and former federal employees, as well as the health insurance giant Anthem, among other targets, the officials and researchers said.
“We wish the United States would not be full of suspicions, catching wind and shadows, but rather have a larger measure of trust and cooperation.”
— Chinese Foreign Ministry spokesman Hong Lei
“They’re definitely going after quite a bit of personnel information,” said Rich Barger, chief intelligence officer of ThreatConnect, a Northern Virginia cybersecurity firm. “We suspect they’re using it to understand more about who to target [for espionage], whether electronically or via human recruitment.”
The targeting of large-scale databases is a relatively new tactic and is used by the Chinese government to further its intelligence-gathering, the officials and analysts say. It is government espionage, not commercial espionage, they say.
“They would leverage this data to get to diplomatic, political, military and economic intelligence that they typically target.”
“This is part of their strategic goal — to increase their intelligence collection via big data theft and big data aggregation,” said a U.S. government official, who, like others, spoke on condition of anonymity to discuss a sensitive topic. “It’s part of a strategic plan.”
One hack of the OPM, which was disclosed by the government Thursday, dates at least to December, officials said. Earlier last year, the OPM discovered a separate intrusion into a highly sensitive database that contains information on employees seeking or renewing security clearances and on their background investigations.
Once harvested, the data can be used to glean details about key government personnel and potential spy recruits, or to gain information useful for counterintelligence. Records in OPM’s database of background investigations, for instance, could contain a complete history of where an individual has lived and all of his or her foreign contacts in, say, China. “So now the Chinese counterintelligence authorities know which American officials are meeting with which Chinese,” a China cyber and intelligence expert said.
“For bigger data storage, for bigger data theft. And when you can gain it in bulk, you take it in bulk.”
— China cyber and intelligence expert
The data could help Chinese analysts do more effective targeting of individuals, said a former National Security Agency official. “They can find specific individuals they want to go after, family members,” he said.
The trend has emerged and accelerated over the past 12 to 18 months, the official said. An increase in Chinese capability has opened the way “for bigger data storage, for bigger data theft,” he said. “And when you can gain it in bulk, you take it in bulk.”
The Chinese government, he said, is making use of Chinese companies that specialize in aggregating large sets of data “to help them in sifting through” the information for useful details. “The analogy would be one of our intelligence organizations using Google, Yahoo, Accenture to aggregate data that we collected.”
China on Friday dismissed the allegation of hacking as “irresponsible and unscientific.”
Chinese Foreign Ministry spokesman Hong Lei said Beijing wanted to cooperate with other nations to build a peaceful and secure cyberspace…
Simon Denyer in Beijing contributed to this report.