Russia and China could be 'making it impossible for the US to hide' its intelligence activities

Advertisement

xi putin obama

REUTERS/Kim Kyung-Hoon

China's President Xi Jinping (front), Russia's President Vladimir Putin (2nd row), and U.S. President Barack Obama (3rd row) walk as they take part in an Asia-Pacific Economic Cooperation (APEC) family photo inside the International Convention Center at Yanqi Lake in Beijing, November 11, 2014.

US officials believe that China and Russia are building a database of US intelligence information using massive amounts of files stolen from government agencies and private companies, The Los Angeles Times reported Monday.

Advertisement

The intelligence community fears that sort of a database could be used to identify, profile, track, and potentially blackmail or recruit US intelligence operatives around the world.

Digital analysis of the data can reveal "who is an intelligence officer, who travels where, when, who's got financial difficulties, who's got medical issues, [to] put together a common picture," William Evanina, the top counterintelligence official for the US intelligence community, told The Times.

In recent months, hackers linked to the Chinese government have stolen data on millions of Americans via the Office of Personnel Management (which holds US security clearance background checks), the health insurance giant Anthem, and two major airlines (United and American).

The attacks diverged from their usual pattern of stealing intellectual property and defense secrets. Instead, the hackers have targeted information that would enable them to build a database of US diplomats, intelligence operatives, and those with business in China.

Advertisement

Some CIA, National Security Agency, and military special operations personnel were exposed in the OPM attack, resulting in what counterintelligence expert Joel Brenner described as "a significant blow" to American human intelligence.

china flag shadow

REUTERS/Gaung Niu GN/PB

A Chinese man walks near a lantern before a Lantern Festival on the outskirts of Beijing February 13, 2003.

Russia, too, has been linked to at least two major government data breaches this year. In April, Russia-hired hackers reportedly broke into an unclassified White House system and stole information about President Barack Obama's daily schedule and communications. In July, Russian hackers knocked the Pentagon's email system offline for two weeks and shared large quantities of data across thousands of websites, NBC reported.

The stolen data could forseeably be used as leverage for foreign governments over individuals, but blackmail may not be the hackers' only (or even primary) objective.

"There's a difference between leverage and information," cybersecurity expert Dave Aitel told Business Insider. "This isn't about blackmail ... it's about understanding the scope of US intelligence activities, tracking all relationships, and making it impossible for the US to hide the true depth of its intelligence."

Advertisement

Obama/Putin

REUTERS/Pablo Martinez Monsivais/Pool

The potentially blackmailable information exposed in the Ashley Madison hack, for example, is "much less important in the long run than simply knowing where everyone traveled," Aitel noted. "And the OPM hack will be less important in the future than the much bigger strategic hacks that have targeted private companies."

Still, "the combination of information [the hackers] obtained from OPM with the travel information they now have from United [Airlines] is hugely powerful" for the Chinese, Aitel told Business Insider last month, "and it will make the kind of work the CIA does much more difficult."

Aitel noted that the hackers' breach of United Airlines was especially significant as it's the main airline in and out of Washington, DC's Dulles International - the nearest international airport to the CIA's headquarters in Langley, Virginia.

"Every CIA employee and visitor coming from abroad flies in and out of Dulles, and chances are they're flying United," Aitel told Business Insider.

Advertisement

obama xi putin

REUTERS/Kim Kyung-Hoon

U.S. President Barack Obama (L-R), China's President Xi Jinping and Russia's President Vladimir Putin during a family photo shoot at the International Convention Center at Yanqi Lake in Beijing, November 11, 2014.

"Cross-referencing names contained in the OPM, IRS, and other caches would expose identities of US personnel working abroad under commercial or diplomatic cover," Robert Caruso, a former Navy special security officer who has worked in security at the State and Defense Departments, told Business Insider via email.

"You could easily target their families and employers with threats of blackmail or worse," Caruso added.

The Obama administration is now trying to figure out how best to retaliate for the data breaches without escalating the cyberwar. The White House is reportedly considering sanctions against China, in line with an executive order Obama passed in April authorizing financial and travel sanctions against anyone involved in foreign-based cyberattacks.

"We need to assume China has hacked every database" at this point, Aitel said. "Anything China competes with, they hack first. Economic sanctions is the obvious response, and it's long overdue."

Advertisement

NOW WATCH: The 6 coolest phrases only people in the military use