US Government Employee Hack & the Future of Warfare

Uploaded on 2015-06-16 in NEWS-Cybersecurity News, INTELLIGENCE--USA, GOVERNMENT-Defence, FREE TO VIEW

Hacking-of-America-NBC-News-620x433.png

A massive hack of the federal government may have compromised personal information belonging to 9 million to 14 million people, far more than was initially believed. Multiple sources on Capitol Hill, within the federal workforce and around Washington have estimated that the final tally of people affected by the hack could easily eclipse the 4 million reported by the Obama administration.

Already, the theft of data from the Office of Personnel Management (OPM) is the largest data breach ever at the federal government. With an increase in the scope of the attack, which officials, speaking privately, have traced back to China, the Obama administration's response will face further scrutiny and more questions about the state of the nation’s digital security.
 
The Office of Personnel Management has faced repeated hacking attempt, including an incident last year when Chinese hackers tried to steal tens of thousands of files about US workers who had applied for top-secret security clearance. But a breach of federal data that was announced last month appears to be significantly worse than the federal government originally let on.
Hackers may have stolen personnel files for as many as 14 million people. That number, much larger than the actual federal workforce, suggests that the hack may have exposed the information about additional categories of individuals, such as family members or government contractors.
It’s also more than three times as many people as original reports suggested, according to The Hill and other outlets, citing officials who claim the attack originated in China.
Officials are still working to figure out whether the theft of data from the Office of Personnel Management may also include sensitive information about contract workers and family members of employees who underwent background checks. And it’s not clear whether hackers could use the data they have to identify U.S. spies or other intelligence personnel.
But it is clear that large-scale data theft is a major problem facing the United States. It has happened before and it will happen again.

In 2012, Verizon said that “state-affiliated actors” made up nearly one-fifth of the successful breaches it recorded that year. In 2013, hackers stole data about more than 100,000 people from the Department of Energy’s network. Officials in the United State blame China for years-long hacking attempts against the Veteran Affairs Department that began as early as 2010 and compromised more than 20 million people’s personal information. And even though the Office of Personnel Management had been hacked before, it appears the agency continued to be astonishingly lax about its own security.

From The New York Times:
The agency did not possess an inventory of all the computer servers and devices with access to its networks, and did not require anyone gaining access to information from the outside to use the kind of basic authentication techniques that most Americans use for online banking. It did not regularly scan for vulnerabilities in the system, and found that 11 of the 47 computer systems that were supposed to be certified as safe for use last year were not “operating with a valid authorization.”
Fighting back against hackers at the government level, many experts say, will require agencies to fight back in real-time. “Like banks and technology companies, government agencies must move to a model that assumes hackers will always get in,” Michael A. Riley wrote for Bloomberg last week. “They’ll need to buy cutting-edge technologies that can detect intruders inside networks and eject them quickly, before the data is gone.”
Officials have warned that in addition to ignoring technical vulnerabilities, the United States hasn’t been forceful enough about deterring hackers. Several experts say the U.S. needs to be more aggressive about publicly reporting the scope of hacking attempts as well as identifying and punishing those who steal government data. The authors of a 2013 report by the Commission on the Theft of American Intellectual Property argued that laws should be rewritten to give the Department of Homeland Security, the Department of Defense, and law enforcement agencies the authority to use “threat-based deterrence systems that operate at network speed” to fight back against unauthorized intrusions into national security and critical infrastructure networks.
“These conditions cannot be allowed to fester,” the authors of the report wrote. “China has taken aggressive private and public actions that are inflicting major damage to the American economy and national security. Robust and swift action must be taken by the U.S. government.”
Such deterrence systems could mean targeting hackers with some of their own weapons: government-sanctioned malware or ransomware, software that locks down a computer without a user’s consent—a tactic that the U.S. government has already explored. As The Intercept reported last year, top-secret files in the trove of documents leaked by whistleblower Edward Snowden revealed the National Security Agency was “dramatically expanding its ability to covertly hack into computers on a mass scale,” including infecting millions of computers across the globe with malware.

The concern is that the government will be able to justify its own covert hacking infrastructure by focusing on the threat of data theft from foreign governments—only to then use malware implants as mass surveillance tools against U.S. citizens.

The military, meanwhile, is beginning to explore what operational readiness and a “traditional war-fighting perspective” might look like when it’s adapted for a post-Cold War digital world. “There are more questions than answers,” wrote the authors of a 2013 Air Force Research Institute report about deterrence in the Internet age. “Organizing to fight through cyber attacks not only prepares the United States to operate under duress, but sends a strong deterrence message to potential adversaries.”
What remains to be seen is the extent to which old military models can even be useful in a new environment. The authors of the Air Force report argue that “human nature has not changed, making fear, honor, and interest no less drivers of human action today than they were in the time of Thucydides.” But the players in an emerging global power struggle that will largely take place online are all new, and they’re using tools that the U.S. government still doesn’t seem to understand. 

The Hill:  http://bit.ly/1I7qDWJ
DefenseOne:  http://bit.ly/1QZMdkC

« Enforcing Magna Carta in the Age of Cyberwarfare
Russian Hackers Posed as ISIS to Hack French TV Channel »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Waterfall Security Solutions

Waterfall Security Solutions

Waterfall Security is focused on protecting critical infrastructure and industrial control systems from remote online cyber attacks,

Cyber Triage

Cyber Triage

Cyber Triage is an automated incident response software any company can use to investigate their network alerts.

Irdeto

Irdeto

Irdeto is the world leader in digital platform security, protecting platforms and applications for media & entertainment, gaming, connected transport and IoT connected industries.

BELAC

BELAC

BELAC is the national accreditation body for Belgium.

Touchstone Security

Touchstone Security

Touchstone Security is a company with a passion for technology, a hyper-focus on cybersecurity, and a special affinity for cloud technology.

Patriot Cyber Defense

Patriot Cyber Defense

Patriot Cyber Defense is a Cyber Security and Management Consulting professional services firm.

StackHawk

StackHawk

StackHawk is built to help dev teams ship secure code. Find and fix bugs early before they become vulnerabilities in production.

Crowe

Crowe

Crowe is a public accounting, consulting, and technology firm that combines deep industry and specialized expertise with innovation.

Ward Solutions

Ward Solutions

Ward Solutions are an information security consultancy and managed services company. We help organisations protect their brand, people, assets, intellectual property and profits.

Airgap Networks

Airgap Networks

Airgap is fixing the fundamental flaw of excessive trust. We help enterprises modernize their network for a simple and secure infrastructure.

Datastream Cyber Insurance

Datastream Cyber Insurance

DataStream Cyber Insurance is designed to give SMB’s across the US greater confidence in the face of increasing cyber attacks against the small and medium business community.

Lumifi

Lumifi

Lumifi provide end-to-end cybersecurity resilience solutions with a specialty in managed detection and response (MDR) services.

Ostrich Cyber-Risk

Ostrich Cyber-Risk

Ostrich Cyber-Risk is a risk management company that helps organizations reduce the complexity of identifying financial and operational risks related to your cybersecurity posture.

Josef Ressel Centre for Intelligent & Secure Industrial Automation

Josef Ressel Centre for Intelligent & Secure Industrial Automation

The Josef Ressel Centre for Intelligent and Secure Industrial Automation investigates the fundamentals of digital assistants for industrial machines that enable intelligent and secure operation.

Cyviation

Cyviation

Cyviation's mission is to mitigate ever-growing and menacing Cyber Security threats, focusing on aircraft, airlines and airports.

Professional Labs

Professional Labs

Professional Labs specialize in simplifying complex problems for our customers with Cloud Services, Managed Services and Cyber Security.