U.S. Will Not Publicly Blame China For OPM Hack

U.S. Will Not Publicly Blame China For OPM Hack
MaoNo / Pixabay

The Obama administration has decided against publicly blaming China for a massive hack of the U.S. Office of Personnel Management (OPM) over the past year according to senior administration officials in talking to the Washington Post. In June it was revealed that the OPM had been hacked which saw the compromise of the files of millions of current and former U.S. federal employees including secret records and many considered this a great defeat to the U.S. intelligence community. China is widely seen as being responsible for the hack though the U.S. has refrained from blaming them. Reasons for not doing so include a reluctance to reveal certain information and fears that similar cyber-attacks conducted by the U.S. on China will become public.

Play Quizzes 4

The OPM Hack and Fears of China

The hack at OPM saw the theft of personal data on millions of federal workers including highly sensitive security clearance information. When the hack became public knowledge, there was uproar in the U.S. Retired General Michael Hayden, former head of both the Central Intelligence Agency and National Security Agency, said that the data breach is a “tremendously big deal” and “The potential loss here is truly staggering and, by the way, these records are a legitimate foreign intelligence target.” Believing the breach to have originated from China, he feared that the stolen information will be used to help recruit spies in the U.S. and abroad while outing intelligence agents around the world.

[Exclusive] ExodusPoint Is In The Green YTD Led By Rates And EM/ Macro Strategies

Invest ESG Leon CoopermanThe ExodusPoint Partners International Fund returned 0.36% for May, bringing its year-to-date return to 3.31% in a year that's been particularly challenging for most hedge funds, pushing many into the red. Macroeconomic factors continued to weigh on the market, resulting in significant intra-month volatility for May, although risk assets generally ended the month flat. Macro Read More

Meanwhile, the former top counterintelligence official for the Intelligence Community, Joel Brenner said of the information obtained in the breach, “crown jewels material, a goldmine” for China. Even the FBI alluded to China’s involvement when it  warned companies in the weeks following about malicious software found in the OPM breach that may be tied to Chinese hackers. Politicians in the U.S. from both sides of the aisle were also quick to point the finger at China and its growing cyber abilities which are seen as a threat to U.S. national security.

Reluctance to Blame China

Despite many placing blame on China, the Obama Administration has announced that it will not publicly declare China as the culprit. This week a senior Obama administration official told the Washington Post, “We have chosen not to make any official assertions about attribution at this point.” Factors cited in refraining from blaming China include concern that in making a public case against China would require exposing details of the espionage and cyberspace capabilities and activities of the U.S. The same official added, “We don’t see enough benefit in doing the attribution at this point to outweigh whatever loss we might [experience] in terms of intelligence-collection capabilities.”

In the past the U.S. has not been afraid to respond to situations where foreign governments have been deemed responsible for the theft of corporate secrets at major U.S. firms. Last June, five members of Unit 61398 were indicted by the Justice Department for stealing corporate secrets from several U.S. firms.  Unit 61398 is one of several units of the Peoples Liberation Army (PLA) solely dedicated to cyber espionage. When foreign governments have been implicated of hacking government databases though, the government has been more restrained in its response.

Stealing or the attempt to steal information from another government is a traditional aspect of espionage. Because of that, there is a reluctance to take massive public action, in this case against China. With revelations of NSA spying on other countries including allies of the U.S., there is little reason to believe that the U.S. doesn’t conduct its own cyber espionage against China. The boldness of China in the hack even brought about a degree of respect in the U.S. intelligence community with Director of National Intelligence James Clapper saying, “You have to kind of salute the Chinese for what they did”. In so much, there seems to be little desire on the administration to bring such activities to light if they are to publicly blame China.


Regardless of the unwritten rules of espionage where this activity is considered to be expected, this event should warrant a more significant response. The hack of OPM is considered to be one of the most damaging cyber thefts in U.S. government history. The administration is still considering economic sanctions or other punitive measures on China for the OPM breach with a senior official saying, “We’re still teeing up options” for Obama and his national security team. This would send a message to China and act essentially as an implicit blame but does it go far enough?

The unwillingness of the Obama administration to take a harsher stance on China might also be due to other factors. The dispute in the South China Sea is heating up and the U.S. does not want to inflame that situation any more. The U.S. is looking to counter the rise of China but has to be cautious in how it proceeds so as to not push Beijing to take more aggressive actions. Furthermore, Washington might not want to endanger the upcoming visit of China’s President, Xi Jinping to Washington D.C. this September.

While the Obama administration won’t publicly blame China, there is little doubt that it is behind closed doors. At this point though the question is, what will a public condemnation of China by the U.S. government solve? By making the hack at OPM public knowledge, the government has allowed for China to be blamed as many current and former government officials have already done so. While the U.S. cannot stop China’s cyber espionage, the theft of records at OPM should send a signal to the intelligence and defense communities that the cyber threat from China is very real, and very dangerous and that greater steps must be taken to protect the U.S. from such attacks in the future.

Updated on

Stephen Paul Brooker is a writer, political researcher, and political consultant. His specialty is in East Asia security issues and he has lectured at St. John's University on conflict theory and international relations. He holds a Master's Degree in International Relations and a graduate certificate in International Law and Diplomacy from St. John's University and a Bachelor's Degree in Government from Wagner College. Currently he is pursuing a Diploma in Economics from the University of London.
Previous article QUALCOMM, Inc. (QCOM) To Become Patent Troll?
Next article India Is Upset: US Sold Military Equipment To Pakistan

No posts to display


  1. When U.S. decided not to blame China publicly for the hack of the Office Personnel Management, many have been
    disappointed with the decision because it was considered as a pivotal precedent for similar cases worldwide in the future. For example many countries in Europe were waiting to see how United States was going to respond to the OPM hack case,
    which has been described as the “biggest cyber attack in US history” and “attack against American nation.” Europe is struggling with similar cyber experiences. US has earlier this year declared a strong cyber sanction policy against foreign nation-state hackers and published cyber deterrence guidelines in the Pentagon´s recent cyber strategy. But in Europe, European countries are not openly discussing their own sanction policy against foreign hackers – they have been following in their policies what US is doing. Now US show its unwillingness politically to do nothing against a severe hack of OPM. US is sending a worrying message to Europe and other countries: Cyber espionage and cyber attacks are acceptable, even if we know who is doing it.

    Jarno Limnéll
    Professor of cyber security
    Aalto University
    Helsinki, Finland

Comments are closed.