White House: Still trying to learn 'scope' of hack attack

David Jackson | USA TODAY

WASHINGTON — White House officials — under fire over a new hack attack — said Friday they are still trying to learn the scope of the cyber intrusion that exposed financial information about millions of current and former federal employees.

"There is still a lot of work that needs to be done to get to the bottom of this particular incident." said White House spokesman Josh Earnest.

Earnest and other officials said the installation of a new security system enabled them to detect the massive theft that has been traced to China. They also said the U.S. is speeding up plans for additional defenses to deter hackers who are constantly changing tactics in order to pierce government security systems.

"The threat is ever evolving," Earnest said, so it is critical that the government adapt its defenses to "reflect that ever-evolving risk."

The Office of Personnel Management said that on Monday it will begin notifying up to 4 million current and former federal employees who might be affected by the attack. The breached data could include credit card information, bank records and Social Security records.

OPM conducts the vast majority of federal background investigations, which raises another question: Were detailed background forms also accessed by hackers? Officials said that's another thing under investigation.

Meanwhile, lawmakers said the latest hack — one in a series of cyber attacks that have reportedly involved Russians as well as Chinese — raises new questions about just how adequate the nation's cyber defense is.

The attack may be "yet another example of America being walked over by rivals and adversaries." said Sen. Lindsey Graham, R-S.C., one of the candidates for the Republican presidential nomination in 2016.

"I fear a cyber 'Pearl Harbor' is increasingly more likely if we do not invest in the necessary infrastructure to protect our nation," he said.

President Obama has made cyber security a major priority, which means it is a priority for his top counter-terrorism adviser, Lisa Monaco, officials said.

The president has also appointed Michael Daniel as the White House cybersecurity coordinator, responsible for working with other parts of the government, the private sector, non-governmental organizations and other nations on defense strategies.

The Department of Homeland Security has created a Computer Emergency Readiness Team that is involved in the investigation of the attack on the Office of Personnel Management.

As for congressional criticism, Earnest pointed out that Obama — who this year created the Cyber Threat Intelligence Integration Center — has also proposed legislation to bolster cyber defenses. It has not been acted upon.

"The president's been very focused on this," Earnest said. "But we haven't seen Congress do a single thing."

The breach of the Office of Personnel Management apparently took place in December, before installation of a new security system, Earnest said. Investigators discovered the intrusion in April as they installed that system, and officials did not determine until May that some private personal data had been compromised.

The Obama administration disclosed the attack Thursday night.

U.S. officials, speaking on condition of anonymity because it is an ongoing investigation, said signs are pointing to hackers from China as the perpetrators.

Earnest declined to discuss possible suspects, saying it is unclear whether the breach involves state actors, private operators working with a government, or "a more run-of-the-mill criminal enterprise."

In general, the White House spokesman said the administration has repeatedly raised the issue of cyber attacks with the Chinese — and once indicted five Chinese military officials on cyber-espionage charges.

The Chinese have denied allegations about incidents both past and present.

Hong Lei, a spokesman for the Chinese Foreign Ministry, told reporters that his government wants the United States to be "less suspicious and stop making any unverified allegations, but show more trust and participate more in cooperation."

Lei noted that China has also been the target of hackers: "We know that hacker attacks are conducted anonymously, across nations, and that it is hard to track the source. It's irresponsible and unscientific to make conjectural, trumped-up allegations without deep investigation."

Sen. Susan Collins, R-Maine, a member of the Senate Intelligence Committee, said that, like China, Russia and Iran also possess the means to launch cyber attacks on U.S. interests.

She called for improvements in the nation's cyber structure, citing widely held concerns about cyber attacks on water systems, the electrical grid, air traffic control operations, power plants and large computer systems in general.

"As the experts continue to tell us, it is not a matter of if a devastating attack occurs, but when," she said.

It's hard to say how much will ever be known about this latest attack.

As investigators try to piece together what happened, Earnest said they may not want to share information with too many people so as not to tip off future hackers.

"There is risk associated with making public what exactly our investigators have learned," Earnest said.