Is China’s Hand in the Cookie Jar?
Yesterday the White House announced that massive amounts of personal information about federal employees had been exposed due to a breach of government data bases with nearly 3 million records that may have been lost to hackers. Originally the indications were that only data regarding employees in the executive branch were affected, but the breach could reach government-wide in scope and affect millions more current and former employees.
The crime scene investigation is still underway, but as computer forensics specialists do their work, evidence seems to be once again pointing at China, or their agents, as being culpable for the cyber attack. According to one news report, “Sen. Susan Collins, R-Maine, a member of the Senate Intelligence Committee, told the Associated Press that investigators suspect the cyberattack was carried out by the Chinese.” Another report states that, “… federal employees’ data, involving at least four million current and former government workers in an intrusion that officials said apparently originated in China.” China has in recent years been suspect in numerous cyber breaches, and last year several Chinese nationals were indicted by the Justice Department.
This latest incident raises many questions, but three glaring questions are:
1) With all the funds directed at securing our national data, how did this happen and how long has it been going on?
2) What is the underlying reason China is trying to scoop up all this personal data on employees?
3) Why don’t they seem to care that they got caught?
This first question shouldn’t have many people scratching their heads in wonder. The fact is China has a highly professional, well trained and dedicated group of individuals working for their interest, be it for financial advantage or battlefield mapping. They are good, their funding is seemingly unlimited, and they are only getting better.
Why do they want so much big data? Simply because the more fish you catch in your net, the greater your chances of getting ‘the big one’. Having so much data allows hackers to leverage small bits of data into higher and higher access, until they can walk into nearly any government office and open the file drawers.
Why don’t they care is a good question. They have been caught before and they recognize their digital fingerprints will be found all over the place by our forensic experts….but who cares? As an analogy, suppose the FBI found evidence that someone had committed a crime but the culprit was now residing in a country with no extradition….what could be done? Right now the US government can complain all it wants to China about these continued intrusions, but China can continue to deny everything despite evidence to the contrary. And, why should they worry, as Murse notes “The largest foreign holder of U.S. debt is China, which owns more about $1.2 trillion in bills, notes and bonds, according to the Treasury.” And according to Amadeo, “The U.S. trade deficit with China was $318.7 billion in 2013. This is a new record, up slightly from last year’s record of $315 billion.” The trade deficit continues to grow year by year. Combined with China’s aggressive activity in the South China Sea that no one seems to be able to rein in, it seems fairly clear that China is flexing its muscle and virtually daring anyone to say or do anything to prevent them from acting at will.
Where is all this leading? Time will tell…let’s hope that these recent actions do not lead to greater issues that cannot be undone.
Please follow us on Twitter and receive our daily cybersecurity blogs!
Amadeo, K. (2014). U.S. China Trade Deficit: Causes, Effects and Solutions. Retrieved from the Internet at http://useconomy.about.com/od/tradepolicy/p/us-china-trade.htm
Murse, T. (2015) How Much U.S. Debt Does China Really Own? Retrieved from the Internet at http://usgovinfo.about.com/od/moneymatters/ss/How-Much-US-Debt-Does-China-Own.htm