Chinese hackers were behind the recent cyberattack that compromised the records of millions of government workers, at least according to a top US intelligence official.
Director of National Intelligence James Clapper said that China is the leading suspect in a security attack against the government's personnel office, the first time a US officially has publicly pointed the finger at the Chinese government.
The attack not only accessed the records of government workers in the Office of Personnel Management but may have compromised 18 million Social Security numbers of US citizens. China has long been labeled as the source of cyberattacks against the government agencies and US businesses. But the White House has stopped short of publicly accusing the Chinese government as it tries to thaw the US government's frosty relationship with Beijing.
In April, President Obama signed an executive order that would allow the US to impose sanctions on individuals or entities responsible for cyberattacks that represent a "significant threat to the national security, foreign policy, economic health, or financial stability of the United States." But with the US trying to make nice with China, it's unclear how would it impose sanctions or what form would those sanctions take.
"The challenge here, the problem for us, frankly, is until such time as we can create both the substance and the psychology of deterrence, this is going to go on," Clapper said, "And that's been frankly a struggle for us, because of concerns about unintended consequences and other related policy issues." Still, the US seems ready to draw a line in the sand. The White House has yet to use sanctions in the case of a cyberattack, but it is considering whether to use them in this case, people familiar with the matter told. White House spokesman Josh Earnest said the White House would not telegraph its "response to this incident, but that the new sanctions certainly are available."
The Chinese government has, of course, denied any involvement in the recent cyberattack. But many US officials have privately pinned the blame on Chinese hackers. For now, though, the challenge for the US is to come up with a clear strategy for dealing with this particular cyberattack, and cyberattacks in general. The exposure suggests that the massive computer breach at the Office of Personnel Management is more significant and potentially damaging to national security than officials have previously said.