Anthem Hack Investigators Cite Chinese ‘Fingerprints’

Tom Jowitt is a leading British tech freelance and long-standing contributor to TechWeek Europe.

Investigators of Anthem attack pursue evidence pointing to Chinese state-sponsored hackers

American investigators are reportedly pursuing evidence that Chinese state-sponsored hackers are stealing personal information from US healthcare companies for purposes other than pure profit.

It comes after the second largest healthcare insurer in the United States, Anthem, revealed earlier this week that it had been a victim of a “very sophisticated external cyber attack”.

Anthem Attack

The Anthem attack resulted in the compromise of 80 million customer and staff records. The hackers were able to access customer data including names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data.

“Anthem was the target of a very sophisticated external cyber attack,” wrote Joseph R. Swedish, President and CEO of Anthem.

He claimed that Anthem already was protected by state-of-the-art information security systems, but those systems failed to stop the hackers.

The FBI was quickly alerted and Anthem retained cybersecurity firm Mandiant to evaluate its security systems and identify solutions. But that has not stopped a Californian woman from already launching a lawsuit against the US healthcare company.

But Anthem investigators are now said to be examining whether China was behind the hack. Citing three people familiar with the probe, Bloomberg reported that investigators of Anthem’s data breach are pursuing evidence that points to Chinese state-sponsored hackers who are stealing personal information from health-care companies.

According to Bloomberg, the attack appears to follow a pattern of thefts of medical data by foreigners seeking a pathway into the personal lives and computers of a select group (defense contractors, government workers and others), a US government official familiar with a more than year-long investigation into the evidence of a broader campaign said.

Indeed, this is not the first time that a healthcare provider has been hacked. Last August, Community Health Systems (CHS), a major US operator of general hospital healthcare, lost patient records of 4.5 million people in a hacker attack.

Other high profile data breaches include US retailer Target and then US retail chain SuperValu. And of course, the most recent high profile attack was the hack of Sony Pictures Entertainment, which is being blamed on North Korea.

Chinese Hackers?

Technical details of the Anthem attack, however, include “fingerprints” of a nation-state, according to two people familiar with the investigation, who said China is the early suspect.

China has consistently said in the past that it doesn’t conduct espionage through hacking. But there are concerns that this stealing of valuable personal data could allow hackers to conduct “phishing” attacks on customers. There are also espionage worries that the data could be used to gain vital intelligence from people, especially those who work in critical industries such as defence contractors.

The United States has previously pointed the finger at the People’s Liberation Army’s Unit 61398. Indeed, five members of that Shanghai-based hacking unit were indicted by federal prosecutors last year.

But according to two people familiar with the Anthem investigation, a different and more sophisticated group attacked Anthem, based on initial indications.
