The U.S. military’s top cyber warrior says it’s merely an “assumption” that the Chinese government was behind the recent hack at the Office of Personnel Management, or OPM — and not necessarily one he shares. That puts Adm. Michael Rogers, commander of U.S. Cyber Command and director of the National Security Agency, in opposition to unnamed sources within the U.S. government who blamed Beijing in June 4 interviews with the New York Times and Washington Post.
Rogers spoke in response to a question about how the National Security Agency was going about attributing the breach to the Chinese government. “You’ve put an assumption in your question,” he said. “I’m not going to get into the specifics of attribution. It’s a process that’s ongoing.”
As I keep saying, attribution is very difficult, especially when it is a sophisticated nation-state attack. The small nuances in how different countries perform their cyber operations are so difficult to precisely determine that, in many instances, it is impossible to say unequivocally who was responsible. If the attackers are very good at cleaning up after themselves, they may not even leave fingerprints to help forensics analysts identify what happened.
In addition to the technical concerns, there are also political ones. Falsely identifying a nation as the source of an attack can have major political ramifications.
A public declaration of responsibility is not likely to come anytime soon.