Hacking threats and cyberattacks
Now playing
05:48
Blackmail worries after epic federal hack
5 ways us can stop hackers orig nws_00010722.jpg
5 ways us can stop hackers orig nws_00010722.jpg
Now playing
01:37
5 ways the US can stop hackers
Now playing
04:21
GPS spoofing: Russia's new cyberweapon?
russia DNC hacking RON 2_00000808.jpg
russia DNC hacking RON 2_00000808.jpg
Now playing
02:30
US blames Russia for power grid cyberattacks
Photo of North Korean leader Kim Jong Un taken from the front page of the state paper Rodong Sinmun on Friday September 22.
Rodong Sinmun/KCNA
Photo of North Korean leader Kim Jong Un taken from the front page of the state paper Rodong Sinmun on Friday September 22.
Now playing
02:28
US blames North Korea for cyberattack
The Kremlin wall and towers dominate the skyline at the Red Square in Moscow, on March 2, 2012. Russia on March 4 votes in presidential elections expected to send Vladimir Putin back to the Kremlin after his four year stint as prime minister. AFP PHOTO / SERGEI SUPINSKY (Photo credit should read SERGEI SUPINSKY/AFP/Getty Images)
SERGEI SUPINSKY/AFP/AFP/Getty Images
The Kremlin wall and towers dominate the skyline at the Red Square in Moscow, on March 2, 2012. Russia on March 4 votes in presidential elections expected to send Vladimir Putin back to the Kremlin after his four year stint as prime minister. AFP PHOTO / SERGEI SUPINSKY (Photo credit should read SERGEI SUPINSKY/AFP/Getty Images)
Now playing
03:34
NYT: US spies paid Russian who promised cyberweapons, Trump intel
BERLIN, GERMANY - DECEMBER 28: A participant sits with a laptop computer as he attends the annual Chaos Communication Congress of the Chaos Computer Club at the Berlin Congress Center on December 28, 2010 in Berlin, Germany. The Chaos Computer Club is Europe's biggest network of computer hackers and its annual congress draws up to 3,000 participants. (Photo by Sean Gallup/Getty Images)
Sean Gallup/Getty Images
BERLIN, GERMANY - DECEMBER 28: A participant sits with a laptop computer as he attends the annual Chaos Communication Congress of the Chaos Computer Club at the Berlin Congress Center on December 28, 2010 in Berlin, Germany. The Chaos Computer Club is Europe's biggest network of computer hackers and its annual congress draws up to 3,000 participants. (Photo by Sean Gallup/Getty Images)
Now playing
01:47
NYT: NSA hack bigger than Snowden
A roll of "I Voted" stickers, which are handed out to residents after they vote, sit on an election officials table at a polling place on November 4, 2014 in Ferguson, Missouri. In last Aprils election only 1,484 of Ferguson's 12,096 registered voters cast ballots. Community leaders are hoping for a much higher turnout for this election. Following riots sparked by the August 9 shooting death of Michael Brown by Darren Wilson, a Ferguson police officer, residents of this majority black community on the outskirts of St. Louis have been forced to re-examine race relations in the region and take a more active role in the region's politics. Two-thirds of Fergusons population is African American yet five of its six city council members are white, as is its mayor, six of seven school board members and 50 of its 53 police officers. (Photo by Scott Olson/Getty Images)
Scott Olson/Getty Images
A roll of "I Voted" stickers, which are handed out to residents after they vote, sit on an election officials table at a polling place on November 4, 2014 in Ferguson, Missouri. In last Aprils election only 1,484 of Ferguson's 12,096 registered voters cast ballots. Community leaders are hoping for a much higher turnout for this election. Following riots sparked by the August 9 shooting death of Michael Brown by Darren Wilson, a Ferguson police officer, residents of this majority black community on the outskirts of St. Louis have been forced to re-examine race relations in the region and take a more active role in the region's politics. Two-thirds of Fergusons population is African American yet five of its six city council members are white, as is its mayor, six of seven school board members and 50 of its 53 police officers. (Photo by Scott Olson/Getty Images)
Now playing
03:15
Homeland Security Chief: Hackers targeting voting systems
CNN/File
Now playing
02:17
Source ties Russia to Wikileaks emails
Reuters
Now playing
02:21
Putin ally warns of 'war' if US elects Hillary Clinton
Getty Images
Now playing
02:30
Hackers playing US for entertainment?
Russian President Vladimir Putin visits a polling station during parliamentary elections in Moscow on September 18, 2016. / AFP / POOL / GRIGORY DUKOR (Photo credit should read GRIGORY DUKOR/AFP/Getty Images)
AFP/AFP/AFP/Getty Images
Russian President Vladimir Putin visits a polling station during parliamentary elections in Moscow on September 18, 2016. / AFP / POOL / GRIGORY DUKOR (Photo credit should read GRIGORY DUKOR/AFP/Getty Images)
Now playing
02:15
Is hacking group tied to Russian intelligence?
A man walks to use a voting booth March 1, 2016, at one of the Virginia primary election polling stations at Colin Powell Elementary School, in Centreville, Virginia. Voters in a dozen states will take part in "Super Tuesday" -- a series of primaries and caucuses in states ranging from Alaska to Virginia, with Virginia the first to open its polling stations at 6:00 am (1100 GMT). / AFP / PAUL J. RICHARDS (Photo credit should read PAUL J. RICHARDS/AFP/Getty Images)
PAUL J. RICHARDS/AFP/Getty Images
A man walks to use a voting booth March 1, 2016, at one of the Virginia primary election polling stations at Colin Powell Elementary School, in Centreville, Virginia. Voters in a dozen states will take part in "Super Tuesday" -- a series of primaries and caucuses in states ranging from Alaska to Virginia, with Virginia the first to open its polling stations at 6:00 am (1100 GMT). / AFP / PAUL J. RICHARDS (Photo credit should read PAUL J. RICHARDS/AFP/Getty Images)
Now playing
01:52
US officially blames Russia for political hacks
FBI Director James Comey (R) speaks as Assistant Attorney General for National Security John Carlin (L) listens during a news conference for announcing a law enforcement action March 24, 2016 in Washington, DC.
Alex Wong/Getty Images
FBI Director James Comey (R) speaks as Assistant Attorney General for National Security John Carlin (L) listens during a news conference for announcing a law enforcement action March 24, 2016 in Washington, DC.
Now playing
04:31
Assistant attorney general to hackers: We'll find you
Hillary Clinton and Donald Trump shake hands following the first presidential debate moderated by NBC host Lester Holt(bottom L) at Hofstra University in Hempstead, New York on September 26, 2016.
PAUL J. RICHARDS/AFP/Getty Images
Hillary Clinton and Donald Trump shake hands following the first presidential debate moderated by NBC host Lester Holt(bottom L) at Hofstra University in Hempstead, New York on September 26, 2016.
Now playing
01:27
Fact check: Was Russia behind the DNC cyberattacks?
WESTBURY, NY - SEPTEMBER 26: Democratic presidential nominee Hillary Clinton speaks during a debate-watch party at The Space at Westbury on September 26, 2016 in Westbury, New York. Tonight was the first of four debates for the 2016 election - three presidential and one vice presidential. (Photo by Justin Sullivan/Getty Images)
Justin Sullivan/Getty Images North America/Getty Images
WESTBURY, NY - SEPTEMBER 26: Democratic presidential nominee Hillary Clinton speaks during a debate-watch party at The Space at Westbury on September 26, 2016 in Westbury, New York. Tonight was the first of four debates for the 2016 election - three presidential and one vice presidential. (Photo by Justin Sullivan/Getty Images)
Now playing
01:50
Clinton's Wall Street speeches leaked?

Story highlights

Some employees say they're angry, wonder why they weren't notified sooner

Investigators believe the hack affected 4 million current and former federal employees

Employees of legislative and judicial branches and uniformed military personnel not affected

Washington CNN —  

The massive hack that may have stolen the personal information of four million federal employees appears designed to build a vast database in what could be preparation for future attacks by China against the U.S., cybersecurity experts advising the government told CNN Friday afternoon.

Law enforcement officials also said Friday that the hack appears to have been carried out by the same Chinese hackers who attacked Anthem Insurance earlier this year, in which information on tens of millions of customers was stolen.

U.S. officials believe the breach, which was revealed Thursday and affected current and former federal workers from nearly every government agency, could be the biggest ever of the government’s computer networks.

“The extent of personal data stolen makes this attack an order of magnitude greater than any we have seen of its kind in the past,” said California Democratic Rep. Adam Schiff, the ranking Democrat on the House Intelligence Committee who was briefed on the attack.

China has called the allegation that it was behind the attack irresponsible. But the experts said that the goal behind the attack is to build a database of federal employees – using the stolen personal information to fool and impersonate government workers – to set up future “insider” attacks. By revealing who has security clearances and at what level, the Chinese may now be able to identify, expose and blackmail U.S. government officials around the world, the experts added.

The connection between the hacking attack and the Anthem incident was first reported by The New York Times.

Digital forensic expert Joshua James looks over malicious hacking codes used in a highly aggressive attack in South Korea in 2013.
K.J. Kwon/CNN
Digital forensic expert Joshua James looks over malicious hacking codes used in a highly aggressive attack in South Korea in 2013.
video

Failure to update software behind federal data breach

The cybersecurity experts added that some government agencies have not been following the government’s own best practices for cybersecurity, such as updating operating systems with latest protections.

The Office of Personnel Management, which is conducting background checks, warned it was urging potential victims to monitor their financial statements and get new credit reports.

Can Washington keep your data secure?

Federal employees lash out

Some federal employees took to Facebook to express their displeasure.

“Unreal, I don’t have enough money as it is,” Facebook user Shari Saeler posted on the Office of Personnel Management’s page. “Now I have to worry about someone stealing it!”

Retiree Linda Eleanor Rigby Robbins posted she didn’t know if she was affected.

“I do not understand why I heard this on the news instead of via letter or email from OPM,” she wrote.

George Thomas, who works as an analyst at the Smithsonian Institute, said he felt his employer had done its job in trying to keep his personal information safe. But Thomas also said that in the fast-changing world of technology, it can be difficult for employers to stay ahead of hackers and information breaches.

“It’s an uphill battle,” Thomas said.

The breach was initially thought to have affected the Office of Personnel Management and the Department of Interior, but government officials said hackers hit nearly every federal government agency.

An assessment continues, and it is possible millions more government employees may be affected.

U.S. investigators: We believe this was China’s work

U.S. investigators believe they can trace the breach to the Chinese government. The Chinese Foreign Ministry neither confirmed nor denied its involvement in the hack, simply pointing out it too has been a victim of cyberattacks in the past.

“China itself is also a victim of cyberattacks,” Chinese Foreign Ministry spokesman Hong Lei said Friday in Beijing. “China resolutely tackles cyberattack activities in all forms.”

He added that China would like to have more global cooperation “to build a peaceful and safe, open and collaborative cyberspace.”

And he also called on the United States not to make groundless accusations about China’s involvement “but instead add more trust and cooperating in this field.”

A spokesman from the Chinese Embassy in Washington late Thursday objected to allegations that the Chinese government may be behind the massive hack.

“Cyberattacks conducted across countries are hard to track, and therefore the source of attacks is difficult to identify. Jumping to conclusions and making (a) hypothetical accusation is not responsible and counterproductive,” Zhu Haiquan said.

How China could have hacked the U.S. government in 10 steps

EINSTEIN detection system

Employees of the legislative and judicial branches and uniformed military personnel were not affected.

There are 2.7 million federal executive branch employees. It’s unclear whether the breach affected all of them, along with former employees, or only a portion of them.

The federal personnel office learned of the data breach after it began to toughen its cybersecurity defense system. When it discovered malicious activity, authorities used a detection system called EINSTEIN to unearth the information breach in April, the Department of Homeland Security said.

federal data hack jones newday_00002914.jpg
federal data hack jones newday_00002914.jpg
video

Hackers steal data from millions of U.S. government employees

A month later, the federal agency learned sensitive data had been compromised.

The FBI is investigating what led to the breach.

“We take all potential threats to public and private sector systems seriously and will continue to investigate and hold accountable those who pose a threat in cyberspace,” the FBI said in a statement.

The federal personnel office said “personally identifiable information” had been breached, though the office didn’t name who might be responsible.

Cybersecurity: How safe are you?

Senator: The breach is ‘disturbing’

Senate Homeland Security and Governmental Affairs Chairman Ron Johnson, R-Wisconsin, called the breach “disturbing” and said the Office of Personnel Management needs to do a better job securing its information.

“It is disturbing to learn that hackers could have sensitive personal information on a huge number of current and former federal employees – and, if media reports are correct, that information could be in the hands of China,” Johnson said in a statement. “(The office) says it ‘has undertaken an aggressive effort to update its cybersecurity posture.’ Plainly, it must do a better job, especially given the sensitive nature of the information it holds.”

U.S. Rep. Adam Schiff of California, the top Democrat on the House Intelligence Committee, said hackers are one of the “greatest challenges we face on a daily bases.”

“It’s clear that a substantial improvement in our cyber databases and defenses is perilously overdue,” Schiff said in a statement. “That’s why the House moved forward on cybersecurity legislation earlier this year, and it’s my hope that this latest incident will spur the Senate to action.”

And former Arkansas governor and 2016 Republican presidential hopeful Mike Huckabee blasted the Obama administration in a statement over what he felt were inadequate precautions taken to protect the personal data of millions of federal workers.

“What will it take for the White House to do its job? What will it take for the Obama administration to wake up and defend America?” he asked. “The lack of common sense in this White House is beyond breathtaking.”

At a press briefing earlier Friday, White House Press Secretary Josh Earnest, citing the ongoing investigation, declined to discuss specific details about the attack. But he blamed Congress for not doing enough to pass laws that would enhance cybersecurity.

“We need the United States Congress to come out of the Dark Ages and actually join us here in the 21st century to make sure that we have the kinds of defenses that are necessary to protect a modern computer system,” he said.

The worst hacks of all time

CNN’s Evan Perez, Kevin Wang, Sophie Tatum and Walbert Castillo contributed to this report.