Once again, hackers with suspected foreign-government connections (Chinese, this time) have managed to break into and read the emails of top U.S. government officials. More precisely, once again, the American public has been informed of such a breach, though the breach itself has been ongoing for much longer.
NBC News reported today that since at least April 2010, Chinese cyber spies have been able to access and read the private emails of “many” high-ranking officials in the Obama administration. However, it does not appear that the compromise affected any official government-issued email accounts.
Last April, the New York Times reported a similar attack that did affect official accounts. Hackers with suspected Russian government support were able to breach network security at the State Department, then use that as a jumping-off point to hack into the network of the White House itself.
And just last week, the Defense Department temporarily took its email systems offline after Russian hackers successfully targeted email systems at the Pentagon.
Breach is still ongoing
The Russian breaches from last summer and last week compromised actual government-issued accounts and networks, not private accounts as in this latest Chinese breach. On the other hand, the security holes exploited by those Russian hackers have presumably since been fixed, whereas the Chinese breach is still going on, according to an unnamed “senior official” who spoke to NBC News.
At a top-secret National Security Agency briefing in 2014, the NSA said that the Chinese email grab was first detected in 2010, and was, and still is, ongoing. U.S. officials gave it the codenames “Dancing Panda” and then “Legion Amethyst.”
NBC says that “In 2011, Google disclosed that the private gmail accounts of some U.S. officials had been compromised, but the briefing shows that private email accounts from other providers were compromised as well.” However, the senior official who spoke to NBC said that the government emails assigned to those officials had not been compromised, since they are more secure.
In addition to reading officials' emails and any sensitive content therein, the Chinese hackers also sent malware to the friends and colleagues listed in their address books.
String of security breaches
U.S. security experts suspect this newly uncovered email hacking is merely the latest in a string of massive data security breaches backed by China (although the Chinese government has consistently denied responsibility for all of them). In July, the director of the federal Office of Personnel Management, which oversees security clearances for government employees and contractors, resigned after exposure of a massive security breach believed to have affected the sensitive (and often blackmail-worthy) records of 22 million people.
Those OPM hackers are believed to be the same ones responsible for last November's breach of the United States Postal Service, the February breach at Anthem health insurance, the Premera Blue Cross breach in March, and another breach at CareFirst Blue Cross/Blue Shield in May.
Last week, NBC published a map from that 2014 NSA briefing, showing all of the successful Chinese-backed thefts of U.S. corporate and military secrets and data over a five-year period: over 600 targets in all, with special focus on stealing data related to electrical and communications infrastructures. NBC noted that “the prizes that China pilfered during its 'intrusions' included everything from specifications for hybrid cars to formulas for pharmaceutical products to details about U.S. military and civilian air traffic control systems, according to intelligence sources.”
The specific U.S. officials targeted in this latest Chinese cyber attack have not been publicly identified.