US calls for cyber reform after massive hack

White House Press Secretary Josh Earnest answers questions on the massive cyber-attack on the personal data of government employ
White House Press Secretary Josh Earnest answers questions on the massive cyber-attack on the personal data of government employees June 5, 2015 during the daily briefing in the White House in Washington, DC

The White House urged Congress to come out of the "dark ages" and pass new cyber security rules, using a massive security breach to press its case for reform.

President Barack Obama's allies seized on news of that data on four million had been compromised to press for legislation stalled in the Republican-dominated Congress.

"The fact is, we need the United States Congress to come out of the and come into the 21st century to make sure we have the kinds of defenses that are necessary to protect a modern computer system," said White House spokesman Josh Earnest.

Senate Intelligence Committee vice chairman Dianne Feinstein, a Democrat, joined the White House drive.

"Congress must take action," to speed notifications on breaches and increase cooperation between the government and private companies.

"It's impossible to overstate this threat," she said.

"Trillions of dollars, the private data of every single American, even the security of critical infrastructure like our power grid, nuclear plants and drinking water are all at risk."

The US government on Thursday admitted hackers accessed the personal data of current and former federal employees, in a huge cyber-attack suspected to have originated in China.

The breach of the Office of Personnel Management included records on 750,000 Department of Defense civilian personnel.

The New York Times reported Friday that the inspector general of the department had warned in November that the office's database was vulnerable to cyber-attack.

The newspaper reported that by the time the warning was published, hackers had plundered tens of thousands of files containing security clearances, laying the groundwork for the massive attack revealed on Thursday.

"The mystery here is not how they got cleaned out by the Chinese. The mystery is what took the Chinese so long," one senior former US government official was quoted by the Times as saying.

The United States has repeatedly accused China of waging cyber warfare in recent years, claims Beijing routinely denies.

In 2013, US Internet security firm Mandiant said hundreds of investigations showed that groups hacking into US newspapers, government agencies, and companies "are based primarily in China and that the Chinese government is aware of them."

One group, it said, was believed to be a branch of the People's Liberation Army called Unit 61398, and digital signatures from its cyber-attacks were traced back to a building in Shanghai.

Last year, five members of the unit were indicted by US federal prosecutors on charges of stealing information from companies, including nuclear plant manufacturer Westinghouse, SolarWorld and US Steel.

Beijing angrily hit back on Friday at claims the latest attack had originated in China, describing the allegation as "irresponsible."

"Cyber-attacks are generally anonymous and conducted across borders and their origins are hard to trace," foreign ministry spokesman Hong Lei said at a regular briefing.

"Not to carry out a deep investigation and keep using words such as 'possible' is irresponsible and unscientific," he added.


Explore further

Beijing calls reports China involved in US hack 'irresponsible'

© 2015 AFP

Citation: US calls for cyber reform after massive hack (2015, June 6) retrieved 26 June 2019 from https://phys.org/news/2015-06-cyber-reform-massive-hack.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
107 shares

Feedback to editors

User comments

Jun 06, 2015
Don't we already have a US Cyber Command, or something like it?

Reagan, Bush, and Baby Bush seeded the federal government with political stiffs, crooks, and politically-warped cronies. It will take a generation to get them out.

Jun 06, 2015
No, we are suffering from the Bush Wars. Got that oil?

What did we get for the mass murder of 200,000 civilians who had done nothing to us?

Was it worth the $4,000,000,000,000 it cost just in the Bush Years?

How many Bush War veterans kill themselves EVERY DAY??

Do you CARE?

Jun 06, 2015
As has already been reported, the Feds had NO security in place at all. But its not because the Congress didn't pass new cyber security rules. This administration hasn't had a problem going around congress on virtually every issue. Going around them on beefing up online security should have been a no-brainer. No, we didn't have any security because they didn't think it was needed, as ridiculous as that sounds.

Jun 06, 2015
Probably so.

Jun 06, 2015
There was N.Korea in Sonny fiasco now China in IRS fiasco. All BS. I have an observation however. I happen to observe computer science departments here in US for three decades and what was interesting that when you got there on US soil you may as well use your Cantonese or Mandarin, no English required since those department we swelled with majority Chinese/Asian students as it was in engineering and physics department as I observed as well. Adding to it export of latest US technology legally and illegally and we end up with problem of our own doing. Technical regression in relative terms. What is disturbing how Chinese or whoever it was!!!! easily defeated security system just recently completed for hundreds of millions of dollars. But this could be corrected by equally obsolete system for billions $. And that's why we even hear of this incident. Just to fund new one.Government at work.

Jun 07, 2015
The massive incompetence that allows these hacks to be successful is truly impressive. The NSA conducts mass surveillance on their own country and other agencies have the own methods for spying on their own people. At the same time, the heads of these agencies argue that encryption should not be allowed because it makes their spying more difficult.

It appears that they are willing to compromise their own security, as well as those of every business and citizen of the country.

This sort of attack would never be successful, if appropriate security procedures and protections are in place.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more