Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

US Calls for Cyber Reform After Massive Hack

The White House on Friday urged Congress to come out of the “dark ages” and pass new cyber security rules, using a massive security breach to press its case for reform.

The White House on Friday urged Congress to come out of the “dark ages” and pass new cyber security rules, using a massive security breach to press its case for reform.

President Barack Obama’s allies seized on news of that data on four million government employees had been compromised to press for legislation stalled in the Republican-dominated Congress.

“The fact is, we need the United States Congress to come out of the dark ages and come into the 21st century to make sure we have the kinds of defenses that are necessary to protect a modern computer system,” said White House spokesman Josh Earnest.

Senate Intelligence Committee vice chairman Dianne Feinstein, a Democrat, joined the White House drive.

“Congress must take action,” to speed notifications on breaches and increase cooperation between the government and private companies.

“It’s impossible to overstate this threat,” she said.

“Trillions of dollars, the private data of every single American, even the security of critical infrastructure like our power grid, nuclear plants and drinking water are all at risk.”

The US government on Thursday admitted hackers accessed the personal data of current and former federal employees, in a huge cyber-attack suspected to have originated in China.

The breach of the Office of Personnel Management included records on 750,000 Department of Defense civilian personnel.

The New York Times reported Friday that the inspector general of the department had warned in November that the office’s database was vulnerable to cyber-attack.

The newspaper reported that by the time the warning was published, hackers had plundered tens of thousands of files containing security clearances, laying the groundwork for the massive attack revealed on Thursday.

“The mystery here is not how they got cleaned out by the Chinese. The mystery is what took the Chinese so long,” one senior former US government official was quoted by the Times as saying.

The United States has repeatedly accused China of waging cyber warfare in recent years, claims Beijing routinely denies.

In 2013, US Internet security firm Mandiant said hundreds of investigations showed that groups hacking into US newspapers, government agencies, and companies “are based primarily in China and that the Chinese government is aware of them.”

One group, it said, was believed to be a branch of the People’s Liberation Army called Unit 61398, and digital signatures from its cyber-attacks were traced back to a building in Shanghai.

Last year, five members of the unit were indicted by US federal prosecutors on charges of stealing information from companies, including nuclear plant manufacturer Westinghouse, SolarWorld and US Steel.

Beijing angrily hit back on Friday at claims the latest attack had originated in China, describing the allegation as “irresponsible.”

“Cyber-attacks are generally anonymous and conducted across borders and their origins are hard to trace,” foreign ministry spokesman Hong Lei said at a regular briefing.

“Not to carry out a deep investigation and keep using words such as ‘possible’ is irresponsible and unscientific,” he added.

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.