Obama to retaliate against China’s alleged hacks

The Obama administration has decided to plan for retaliation against China for stealing sensitive personal information of more than 20 million Americans by hacking into the Office of Personnel Management, according to the New York Times.

The administration’s response appears to be part of a strategy of deterrence in order to stem the rapid escalation of cyberwarfare between some of the most powerful nations on Earth.

Leaders at the top of American government have yet to officially blame China for the incident that has been called the worst hack in American history. As anonymous sources, however, American officials have repeatedly pointed the finger at their Asian rivals.

That pattern of anonymity continues here as there are no named sources in the Times story but extensive details that can only come from powerful access granted from high levels of government. 

Additionally, the Times omits the word “alleged” in its reporting of the hack. (The word is usually used as a caveat in cases where guilt is not proven.)

The Obama administration has yet to decide how to retaliate, the Times reports, and it’s not clear that the public will know about such retaliation when it happens.

The Obama administration is conjuring up possible acts to respond to the hacks they accuse China of.

An anonymous “senior administration official” offered justification to the Times:

“One of the conclusions we’ve reached is that we need to be a bit more public about our responses, and one reason is deterrence. We need to disrupt and deter what our adversaries are doing in cyberspace, and that means you need a full range of tools to tailor a response.”

Critics are already wondering if the U.S.’s retaliation will escalate the situation despite the opposite being the announced goal.

The hack against OPM took more than a year to detect and was only sniffed out when a third-party security firm was in a sales pitch and demonstrated their forensic products to the agency. During the sales pitch, they realized that the networks had been compromised.

After several months of turmoil following the discovery of the breach, OPM director Katherine Archuleta resigned.

Although one finger is pointed at China for allegedly perpetrating the hack, others place significant blame on Archuleta and OPM leadership over the years for failing to fix security issues despite repeated warnings.

“The IG [Inspector General] has been warning about security lapses at OPM for almost a decade,” Rep. Jason Chaffetz (R-Utah) told the Daily Dot in a statement earlier this month.

H/T New York Times | Illustration by Max Fleishman

Patrick Howell O'Neill

Patrick Howell O'Neill

Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.