OPM data breach: Looking at you, China! National Intelligence head stares out Beijing James Clapper, Director of the US' National Intelligence body, has suggested Beijing is behind the successful attacks on the Office of Personnel Management (OPM), which resulted in the theft of millions of federal employees' (including intelligence workers) highly sensitive biographies. Clapper, who reports directly to the …
Demand that Mr China is sent to America immediately to face charges of doing millions of dollars of damage to US government computers and threaten him with a thousand years of imprisonment. The threat alone will convince hackers not to try the same thing again, and everyone can set their passwords back to '1234'.
With security so lax it strikes me that lots of different organizations could have stolen that data, and the feds wouldn't have a clue who stole what when. McCain should be asking if he's ready to leave the investigation & remediation to the people who have a clue and the skills to fix it.
"..The feds wouldn't have a clue who stole what when"
Exactly.
Pointing a bone at China is par for the course and whilst (pwned) chinese machines may have been part of the attack vector I'm pretty sure the culprits are elsewhere.
At least this time they 'fessed up that security was effectively non-existant.
In a cyber war, like other forms of mutually assured destruction, it turns out the side that loses the most is the side with the most to lose. In IT, that's definitely the US. I'm not surprised at all that this happened. What surprised me, and what continues to surprise me, is that the President and Congress can't recognize the huge conflict of interest the NSA has when it comes to assisting with defense against malware. Any time NSA discovers a vulnerability in critical infrastructure, they face a choice: expose it to the developer and let it get fixed, or keep it a secret and hope you can exploit it against a future adversary. The choice is almost always the later, because they don't get rewarded for hacks NOT happening. The USG has intentionally crippled its own defenses, and is working hard on crippling defenses of private companies, through efforts like the new "cybersecurity" bill. This is the logical, natural result.
They leave all the doors and windows open. There's big sign on the roof saying "Nobody Watching" yet he's sure it's China that's been visiting.
Maybe that have, but you can bet that Russia and Israel were in there too - along with anyone else with something bigger than a 56k modem.
Beat me to it. I was going to say Putin, the Norks and israel are off the hook on this one then? Not to mention Cuba, Syria, Iran, Uncle Tom Cobbly an' all.
My money's on a thirteen year old kid somewhere on the planet with a guilty look and a smirk simultaneously on his/her face.
I find it amazing that in other high profile attacks (the ones that make the media), they can establish rather quickly ("quickly" for some value of governmentspeak) but when the government's house is broken into, they don't know. Is the government IT that bad? No logs? No intruder protection? Basically a wide open front door with no one giving a crap? This seems like bad policy, not politics, but incompetence of those in charge of IT (and not the individual department heads of say.. OPM). But then, we've seen a lot of bad policy made whereas in this case, any policy would have been better than none.
After all the stories about NSA spying on everyone in sight it is interesting to see the boot on the other foot. At least there are no silly statements about issuing arrest warrants to members of the Chinese military this time.
Considering the jobs and roles of some of the employees I do wonder why on earth this sensitive personal data was being held on Internet accessible machines.
USA love waving the big "We're number one" foam finger and talking down everyone else. China has been painted as a bunch of useless commies that just copy stuff (similar to Japan in the 1950s/60s).
It must be galling when China shows them up in fields where the USA think they are leaps and bounds ahead.
That Chinese submarine that popped up next to USS Kittyhawk must have caused red faces. This must too.
The scary part is that USA has never responded well to its tail being tweaked. It rouses the school yard bully instinct. Strike out. Hit anyone.
Since 9/11 triggered an attack on Iraq (a good 3000km from where the real hostilities came from), how about they go attack Vietnam again? Like the second attack on Iraq, they've been there before and still have the maps.
Well, NATO is trolling hard 100km from Russia's border dropping stuff from B-52, there is heated talk about nuking cities because these cities are all communist dirtbags wanting to "turn back time" and the Pentagon is angling for money to protect All-American Cities against russian cruise missiles (actually not an article from The Onion!). So there is a fat chance that the next amusement ride courtesy of the MIC ("Tankland Europe"?) will be way closer to home this time (but not result in Agent Orange babies this time, so there is that!).
Nothing to worry about here. As soon as the Chinese 'sand islands' are finished and China has gained total control of the security situation in the South China Sea (it is theirs, after all. It is named for them) then they can begin construction of new data centers on those islands which will be leased under contract to the US Government. Chinese technicians (much more reasonably paid than US Federal employees) will operate the new data centers and guarantee security against any foreign threats!
There, isn't that a comforting thought? And all this time y'all thought our gummint didn't have a clue about what to do!
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2023
