The Public Eye with Eric Chabrow

Hit 'n' Miss Hacking

Obscure Agencies Seem to Be the Latest Targets

When Chinese hackers reportedly breached the Office of Personnel Management, these intruders from the People's Republic apparently broke into the computer systems of the Government Accountability Office and the Government Printing Office as well (see U.S. Government Personnel Network Breached).

The alleged Chinese hackers appear to have turned their attention to far more obscure federal agencies after years of cyberattacks on the networks of high-profile targets such as the Defense Department, The New York Times reported July 15.

"Because labor is inexpensive in China, there are many hackers," reporter Michael Schmidt writes. "They often break into whatever they can and move onto their next target if they do not find anything that interests them."

Could this be the new economics of hacking? Fishing for profit. It could prove to be a tough way to make money. Breach one website after another seeking a particular piece of information in hopes of a big payday.

The FBI last week documented an e-mail exchange between Chinese individuals - apparently working as freelancers - who allegedly hacked into Boeing's IT systems to steal information about the C-17 military transport. The alleged co-conspirators griped about the difficulty of getting paid for pilfered data. "It's not easy to sell information," one of the alleged hackers lamented (see Details Emerge of Boeing Hack).

Hackers aren't likely to find valuable information on computers at most small U.S. federal agencies, as they would at the larger ones such as DoD. The printing office publishes documents for Congress, the White House and many federal agencies as well as U.S. passports. The GAO, the investigative arm of Congress, audits government programs that involve classified and unclassified information.

'Guy Sitting in an Office'

James Lewis, the cybersecurity expert at the think tank Center for Strategic and International Studies, tells the Times that hacking the printing office could have been a mistake; Chinese hackers don't know how the U.S. government works and what GPO stands for. "This is some guy sitting in an office in China who doesn't have a sophisticated understanding of how the U.S. government works and doesn't have a lot of direction," Lewis says.

GAO and the printing office issued statements to the Times saying the hackers didn't gain access to any personally identifiable information. But GAO says it had been forced to remove several servers that had been infected in the attacks, and that it has taken "additional steps to strengthen the security" of its system. With help from the Department of Homeland Security and outside specialists, the agency says it analyzed "the extent of the malware" that was embedded during the attacks and eradicated it.

"In fact," the GAO statement says, "servers with information on our audit work and report drafts did not have malware, and classified and other sensitive data work stations are not connected to our network."

That's good news for the GAO, but bad news for hackers trying to make an "honest" buck for a day's work.

About the Author

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.
