The Chinese hackers that stole the personally identifying information of more than 20 million people from the Office of Personnel Management (OPM) last year also hacked into United Airlines, Bloomberg reports.
And Dave Aitel, CEO of cybersecurity firm Immunity, Inc., notes that the hackers’ breach of United is especially significant as it’s the main airline in and out of Washington, DC’s Dulles International — the nearest international airport to the CIA’s headquarters in Langley, Virginia.
“Every CIA employee and visitor coming from abroad flies in and out of Dulles, and chances are they’re flying United,” Aitel told Business Insider.
“The combination of information [the hackers] obtained from OPM with the travel information they now have from United is hugely powerful” for the Chinese, Aitel said, “and it will make the kind of work the CIA does much more difficult.”
Mike Oppenheim, the manager of threat intelligence at the cybersecurity firm FireEye, told the New York Times that Beijing is building “a massive database of Americans, with a likely focus on diplomats, intelligence operatives and those with business in China.”
The OPM hack — described by top counterintelligence official Joel Brenner as a “significant blow” to American human intelligence — has the CIA especially worried about American spies working in Beijing with diplomatic cover, sources told the Times.
“The information that was exfiltrated was valuable in its own right,” Rep. Adam Schiff, D-Calif., the top Democrat on the House Intelligence Committee, told the Times. “It’s even more compromising when it is used in combination with other information they may hold. It may take years before we’re aware of the full extent of the damage.”
This “other information” — such as stolen medical and financial records — may now include US intelligence officials’ travel itineraries from the world’s second-largest airline.
“You’re suspicious of some guy; you happen to notice that he flew to Papua New Guinea on June 23 and now you can see that the Americans have flown there on June 22 or 23,” James Lewis, a senior fellow in cybersecurity at the Center for Strategic and International Studies, told Bloomberg.
“If you’re China, you’re looking for those things that will give you a better picture of what the other side is up to.”
FireEye estimates that the Chinese-based hackers have infiltrated at least 10 US companies and organisations, according to Bloomberg.
United Airlines claims it detected the breach in late May or early June. But the hackers’ digital footprints appear to be well over a year old, dating back to April 2014, according to Bloomberg.
The hackers who infiltrated OPM similarly had access to the agency’s security clearance computer system for over a year before they were detected.
“The average time Chinese hackers have access to a compromised system is 356 days and the longest recorded was 4 years and 10 months,” Mark Wuergler, a senior cybersecurity researcher at Immunity Inc., told Business Insider last month.
“They are really good at what they do, and when they break into something it’s not just smash and grab.”
NOW WATCH: We went inside a secret basement under Grand Central that was one of the biggest World War II targets
NOW WATCH: Briefing videos
Business Insider Emails & Alerts
Site highlights each day to your inbox.