President Barack Obama vowed on Monday that the United States would aggressively bolster its cyber defenses, as U.S. officials said the probe into a massive breach of federal government networks has yielded growing signs of a direct Chinese role.
Obama stopped short of pointing the finger at Beijing for the recent cyber attack, which threatens to overshadow broader annual U.S.-China talks in Washington this month at a time when tensions are already high over Beijing’s pursuit of territorial claims in the South China Sea.
“We have to be as nimble, as aggressive and as well-resourced as those who are trying to break into these systems,” Obama told a news conference at the Group of Seven (G7) summit in Germany.
U.S. officials, speaking on condition of anonymity, have blamed Chinese hackers for breaching the computers of the Office of Personnel Management and compromising the records of up to four million current and former employees in one of the biggest known attacks on U.S. federal networks.
The mission of the intruders, the officials said, appears to have been to steal personal information for recruiting spies and ultimately to seek access to weapons plans and industrial secrets.
Though China has denied involvement, U.S. investigators looking into the computer break-in, which was disclosed on Thursday, have uncovered “markings,” or digital signatures, left by the hackers that indicate it was likely an official Chinese government operation, two officials said on Monday.
They did not, however, offer further details as to how they reached that conclusion.
Investigators have all but discarded the notion that Chinese criminal elements might have been behind the hacking and believe it was unlikely the Beijing government hired outside hackers, though one official said that possibility had not been completely ruled out.
U.S. authorities have also begun discussions on whether to go public once they make a final assessment of responsibility, but no consensus on that has emerged, a source familiar with the investigation said.
The White House, which has yet to assign blame, has given no sign whether retaliation might be considered.
In December, U.S. officials moved swiftly to accuse North Korea of being behind a high-profile attack on Sony Corp (6758.T) over a movie depicting the assassination of North Korea’s leader, and Obama vowed that the United States would respond.
But the Obama administration is likely to move cautiously in response to any Chinese role, mindful of the potential harm from escalating cyber warfare between the world’s two biggest economies whose interests are closely intertwined.
OBAMA CITES “SIGNIFICANT VULNERABILITIES”
In Germany on Monday, Obama declined to say whether he believed China was behind the OPM cyber attack, the second in less than a year on the agency that holds personnel data a security clearance information for the federal workforce.
But he said the United States has old computer systems with “significant vulnerabilities” and needs to be “much more aggressive” in stepping up defenses. He urged the U.S. Congress to move forward on passing cybersecurity legislation.
“In some cases, it’s non-state actors who are engaging in criminal activity and potential theft,” he said. “In the case of state actors, they’re probing for intelligence or in some cases trying to bring down systems in pursuit of their various foreign policy objectives.”
U.S. government officials and cyber analysts say Chinese hackers are using high-tech tactics to build massive databases that could be used for traditional espionage, such as recruiting spies, or gaining access to secure data on other networks.
The latest incident gave the hackers access to a trove of personal information, including birthdates, Social Security numbers, previous addresses and security clearances.
One official said the stolen information would enable an intelligence service to chart out relationships among U.S. government employees and build pictures of individuals and their families, potentially enabling them to figure out ways to target or blackmail people for espionage purposes.
“I see this an intelligence play by the Chinese to get as much high-level information about people as they can,” said Mike Walls, a former U.S. Navy cyber warfare commander who is now managing director for security operations at EdgeWave, a private cybersecurity firm.