FireEye Identifies Group Linked To Federal Hack

Cybersecurity firm FireEye has traced the roots of the massive cyberattack on the U.S. Office of Personnel Management (OPM) last year to an unnamed group of Chinese hackers that specialized in stealing “personally identifiable information,” or PII data.

After analyzing the group’s footprints, FireEye removed Deep Panda, which was tied to the cyberattack on Anthem Health earlier this year, from its list of suspects.

“We think this group uses similar backdoors to Deep Panda to obtain access to a network but then uses different tactics once they get access to the network,” said Mike Oppenheim, an intelligence operations manager for FireEye, in an interview with Re/code.

“Based on the tools and tactics, FireEye Intelligence thinks that the group that compromised OPM’s networks is different from the activity of Deep Panda,” he added.

The attack on OPM reportedly compromised the data of 4 million federal employees and retirees and has been identified as the largest recent breach of federal employee data.

A Washington Post article identified the lack of seriousness among federal departments as the reason behind such breaches. Per an OPM inspector general’s report that the article cited, the agency couldn’t even find all of its equipment, which should have been better protected against cybertheft attempts.

“OPM does not maintain a comprehensive inventory of servers, databases and network devices,” read the audit that reviewed the agency’s operations.

“You can’t defend yourselves well if you don’t know what systems you have and where your data is,” said Richard Bejtlich, FireEye’s chief security strategist, in an interview with The Post. “You won’t be able to fend off a basic adversary, let alone an advanced adversary.”

Though the government hasn’t formally identified the group, Senator Harry Reid has mentioned a Chinese role in the OPM attack on the Senate floor.

The Chinese government, of course, has swiftly denied all accusations.

“Chinese law prohibits hacking attacks and other such behaviors which damage Internet security,” China’s Foreign Ministry said in a statement. “The Chinese government takes resolute strong measures against any kind of hacking attack. We oppose baseless insinuations against China.”
