Within the last year, OPM has undertaken an aggressive effort to update its cybersecurity posture, adding numerous tools and capabilities to its networks. As a result, in April 2015, OPM became aware of the incident affecting its IT systems and data that predated the adoption of these security controls. It is thought that the Department of Homeland Security’s (DHS) new Einstein intrusion detection system, which screens federal Internet traffic to identify potential cyber threats, identified the hack of OPM’s systems and the Interior Department’s data center, which is shared by other federal agencies.
Since the incident was identified, OPM has partnered with the DHS’s US Computer Emergency Readiness Team (US-CERT) and the Federal Bureau of Investigation to determine the impact on Federal personnel. OPM also immediately implemented additional security measures to protect the sensitive information it manages.
Global media has already been awash with headlines citing China as the source of the attack. These claims appear to stem from comments made to Reuters news agency on June 4. First, a US law enforcement source told the news agency that a “foreign entity or government” was believed to be behind the attack. Reuters added that authorities were looking into a possible Chinese connection, quoting a source close to the matter. Further reports in the New York Times and Washington Post also suggested China was to blame, both citing unnamed sources.
Beijing has been quick to issue a denial. At a news briefing on June 5, China’s foreign ministry spokesman Hong Lei branded the accusations irresponsible and unscientific.
A Pentagon report released in April said hackers associated with the Chinese government repeatedly targeted US military networks seeking intelligence during 2014.
In order to mitigate the risk of fraud and identity theft, OPM is offering affected individuals credit monitoring services and identity theft insurance with CSID, a company that specializes in identity theft protection and fraud resolution. This 18-month membership includes credit report access, credit monitoring, identity theft insurance, and recovery services and is available immediately at no cost to affected individuals identified by OPM.
As mentioned in a recent Homeland Security Today report, the DHS and China’s Ministry of Public Security have been working on reestablishing a cyber dialogue. These latest allegations, whether true or not, are unlikely to be a catalyst for progress.