U.S. officials investigating the cyberattack against health insurer Anthem suspect that state-sponsored Chinese hackers may have been responsible for the data breach, which compromised the personal information of up to 80 million people, people familiar with the investigation have told multiple media outlets.
A source close to the investigation told Reuters that a link to Chinese hackers was being investigated. Though the investigation is still in its early stages, the software and techniques used to carry out the attack have been used widely by Chinese spies in the past, the source said.
Health and medical data can serve a variety of purposes for foreign intelligence agencies and criminal organizations.
For criminals, health data is seen as both highly lucrative and easier to acquire than financial data, which is often better-protected. Health data can also be exploited to file false insurance claims, buy prescription drugs or even extort cash from policyholders desperate to keep their private medical data under wraps, the Washington Post reported.
For foreign governments, however, the data can have valuable intelligence potential. A U.S. government official working on a year-long investigation into cybercrime told Bloomberg that the Anthem attack followed a patten that showed foreigners seeking access to the personal information of a specific group of Americans -- defense contractors.
Investigators believe that data of the kind stolen from Anthem could allow hackers to conduct so-called “phishing” attacks against government or defense workers, who would then unintentionally grant the hackers access to their organization's networks.
On Thursday, President Barack Obama's cybersecurity adviser, Michael Daniel, said that the Anthem attack was “quite concerning,” adding: “It's particularly disturbing especially when it hits that many people," Daniel said, according to CNBC.
China denies that it carries out espionage by hacking. “Chinese laws prohibit cyber crimes of all forms,” Chinese Embassy spokesman Zhu Haiquan told the Wall Steet Journal. “Unfounded hypothesis and jumping to conclusions is irresponsible and will be counterproductive to address these issues.”
U.S. National Security Agency whistleblower Edward Snowden, however, suggested otherwise, saying said Chinese spies stole a huge volume of data related to Lockheed's F-35 Joint Strike Fighter.