Chinese hackers used OPM data to steal US military intelligence

Chinese hackers used data retrieved from the breach of the United States Office of Personnel Management (OPM) to steal terabytes of sensitive data from U.S. defense contractors.

On Thursday, Trend Micro published a report titled Operation Iron Tiger, which detailed the extensive confirmed breaches by Chinese cyber spies.

Trend Micro’s Vice President of Cybersecurity Thomas Kellerman, as well as Dr. Ziv Chang, Sr. Director, Cyber Safety Solutions, Core Technology at Trend Micro and lead author of the report, gave an interview to Forbes about the report.

During the interview, Kellerman stated he believes the OPM data was used in formulating the attacks discussed in the Iron Tiger Report.

Testifying before the House Intelligence Committee Thursday, Director of National Intelligence James Clapper said cyberattacks against American interests will likely continue and expand, in part because hackers face a low risk of consequences. Screen shot from video.
Testifying before the House Intelligence Committee Thursday, Director of National Intelligence James Clapper said cyberattacks against American interests will likely continue and expand, in part because hackers face a low risk of consequences. Screen shot from video.

Kellerman’s report contradicts that of Director of National Intelligence James Clapper, who testified to the House Intelligence Committee earlier this month, and said he didn’t believe that data from the OPM hack had been used in a “nefarious way.”

In the interview, Kellerman said he believes that the data stolen from the OPM in April has been used and is still being used by Chinese cyber spies, nicknamed Iron Tiger by Trend Micro. According to Kellerman, the OPM data enabled Iron Tiger to precisely target U.S. military contractor victims, as well as know the types of information each victim would hold. The information helped them determine the best methods to use to attack them and to execute attacks.

The House Intelligence Committee Thursday listens to the testimony of the Director of National Intelligence, James Clapper, who said cyberattacks against American interests will likely continue and expand, in part because hackers face a low risk of consequences. Screen shot from video.
The House Intelligence Committee Thursday listens to the testimony of the Director of National Intelligence, James Clapper, who said cyberattacks against American interests will likely continue and expand, in part because hackers face a low risk of consequences. Screen shot from video.

When asked to name the types of data Iron Tiger targeted, Chang said the most likely data targeted include engineering, intelligence analytics and training, base operations support, operations and management, and security assessment and training.

Both Chang and Kellerman agree that the data stolen by Iron Tiger presented a significant and serious risk to U.S. military interests and operations.

According to Kellerman, the appropriate authorities have been notified, and they have also been provided with a copy of the report, as well as details not included in the report.

Author

Post navigation