U.S. Government Agency Computers Hacked… Then Get Hacked Again!

Posted by:

For 4,200,000 or possibly over 21,500,000 more current and past employees of the Unites States, this website hacking story brings really bad news.

It appears most, if not all, of the personal information of over 4.2 million federal employees were stolen via a new and unknown software hack. This new malware was placed onto the computer networks of the Office of Personnel Management (OPM), the federal government’s human resources department, whose records contain all the government employee records as well as who has higher-level security clearances.  Now it may be possible that the reported plus four million affected could actually be over 21,500,000 people.

All fingers has pointed to the Chinese as this attack looks similar to the breach that was launched against health insurance giant Anthem.  Though the US government has not said exactly what information may have been compromised, the federal worker’s union says every federal employee, past and present, has had their information compromised. That, as you can imagine, is a far larger number than 4.2 million that was first reported. The question is “why?”

Information is power

By breaking into the governments computer systems, the information obtained; names, addresses, social security numbers, pay rate, etc. is not taken for financial gain. The goal is to try and see if a US Government employee could be used to obtain information for a foreign powers needs. The objective is to get access to classified or secret information through bribery or extortion, etc. of someone with access to this type of information. It is not very hard to determine what the objective is, but they are many possibilities of potential harm for the US. The hackers wanted this information and created a new malware tool to get it. This took time and testing to be successful.

Then the second cyber attack happens at the OPM

After the first breach, the White House stated that a second breach into the OPM had arose and this time federal security clearance forms containing information about intelligence and military personnel may have been obtained. The document that was geeked out on the second breach was called “Standard Form 86” which is a form for candidates that are applying for a national security positions. This form has sensitive information, including drug and alcohol use, mental illness, bankruptcy and arrest information of each applicant. The form also asks for a list of contacts and relatives, which could possibly expand the reach of the breach to millions more Americans. It is possible that the information on these forms could be used to obtain sensitive information through extortion as well.

President Obama speaks up on Cyber Security

We are seeing more and more government agencies falling victim to breaches and more with come.  President Obama made it clear that we need to have a much stronger cyber security protection plan. One of the problems is that the government’s computers and its security is not the cutting edge of technology and security. The president asked U.S. Congress to move forward on passing cyber security legislation that would step up our defenses for breaches and hacks. While the president did not out right blame China (Which China denied they did it), all fingers point to them in the current investigations of the breach. The president stated, “In some cases, it’s non-state actors who are engaging in criminal activity and potential theft,” he said. “In the case of state actors, they’re probing for intelligence or in some cases trying to bring down systems in pursuit of their various foreign policy objectives”.

When will be the next Government Breach and will it be worse?

It can happen at any time. It may already be in process and has not been discovered yet.  The hackers work in baby steps (credit to the movie “What About Bob”), as mentioned in previous blogs, theses hackers are patient and take their time. They are smart; in this breach of the OPM they created a new software malware to breach the system. The security at the OPM was unable to see the attack and in turn information stolen left the system when it was to late to stop the breach.  The damage was done. As we saw in the second breach, the next steps were to obtain greater information in the OPM computer system as the hackers knew what to look for and obtained more damaging security information.  Like digging a hole and finding a pipe, then knowing to dig deeper around the pipe to get where you want to go.

Remember, what is unknown or new, can’t be seen during a cyber attack.   Just like the attack on the OPM, malware was created to be invisible or appear to be part of normal operation of the system and therefore no security problem was flagged. That’s how the hackers get in. So as the president said, “we need to focus on a unified front to implement stronger and better cyber security technologies”. Simply, if we are able to stop anything that breaches any government computer systems early, then we are able to ensure that nothing of value is obtained. The question is, can this actually be done 100%?

0

About the Author:

Online Security Expert Todd Laff reviews online hacks and security issues and how to protect yourself and secure your network.

Add a Comment