Pearl Harbor Cyber Attack


Dale00

If you were looking for something to raise your blood pressure and once again point out the incompetence of the Federal Government and the Obama Administration, look no further. The facts that nothing was done to prevent the cyber attack on the OPM database and that no righteous retaliation against China will happen are both equally distressing.

...And then it got worse. "Hackers linked to China have gained access to the sensitive background information submitted by intelligence and military personnel for security clearances, U.S. officials said Friday, describing a cyberbreach of federal records dramatically worse than first acknowledged."

And there are lessons in this debacle, if we are willing to learn them.

Aside from regular federal personnel records, which provide a royal route to blackmail, intimidation and identity theft for present and retired federal workers, the hackers also stole a trove of military and intelligence records that could be even more valuable. The forms stolen were Standard Form 86, in which employees in sensitive positions list their weaknesses: past arrests, bankruptcies, drug and alcohol problems, etc. The 120 plus pages of questions also include civil lawsuits, divorce information, Social Security numbers, and information on friends, roommates, spouses and relatives.

The result? About 14 million current and former federal employees are in a state of collective panic over the loss of their information. Former State Department employee Matthew Palmer was quoted as saying, "Who is in danger? I listed friends on those forms and my family members. … Are some hackers going to start going after them?"

Possibly. The U.S. military, even in its current somewhat shrunken state, remains an irresistible force in conventional warfare. But this trove of information is perfect for "fourth-generation warfare," in which conventional strengths are bypassed in favor of targeted attacks on a stronger nation's weaknesses. With this sort of information, China will find it much easier to recruit agents, blackmail decision-makers and — in the event of a straight-up conflict — strike directly at Americans in the government, all without launching a single missile.

That's why experts are calling this security breach a "debacle" and "potentially devastating." Some are even calling it a "cyber Pearl Harbor."

Perhaps that's a bit strong: Unlike the real Pearl Harbor attack, there are no burning and sunken ships full of American sailors. On the other hand, if the Japanese in 1941 could have kept the U.S. from interfering with their Pacific conquests through subtler means than air-dropped torpedoes, they no doubt would have been happy to do so. And that's the situation that China, with cyberattacks such as this one, is trying to bring about.
http://www.usatoday.com/story/opini...ords-hack-china-pearl-harbor-column/71210018/

Peoples-Liberation-Army-Unit-61398

Chinese-Army-Hacking.jpg
 

918evo

They don't want security clearance information to blackmail, intimidate, or steal their identity. They want the info to infiltrate their personal PCs, smart devices, and work computers. It wouldn't take much to create an email account, with a family member's name, and then send a malicious link used to gain access. There is way too much ignorance and neglect of our nation's cyber security. Billions of dollars worth of R and D are being stolen.
 

LightningCrash

Lol at that picture, looks like they're playing a first person shooter.

You don't even need that DB for stuff. Just hit up LinkedIn, people have bad opsec.

You could get into my house and drop a 0-day stick onto a PC, it's always on anyway. Leave without a trace.
All of those times you were sure you'd locked the house but got home and found it unlocked, but nothing missing? Maybe you interrupted an implant op. Who knows? :)
 

rhodesbe

Don't forget the USA plays that game too. We aren't exactly getting bent over by Chinese hackers here. Stuxnet was just a small fragment of what our side can do. We don't need FUD... we wrote the book on militarized hacking.
 

dennishoddy

rhodesbe said: "Don't forget the USA plays that game too. We aren't exactly getting bent over by Chinese hackers here. Stuxnet was just a small fragment of what our side can do. We don't need FUD... we wrote the book on militarized hacking."

And that's a good thing.

We do need to tighten up our defenses. Can't let the hordes over the top of the wall while we are battling them.
 

Glocktogo

This makes the 3rd time the .gov has lost my ****. I don't even bat an eye now, I just assume they can't protect it and won't give them any new information. If they ask, I tell them they either already have it, or they can get it from the NSA. :rolleyes2
 

Dale00

According to Ars Technica, encryption wouldn’t have made much difference. Why? Because the attackers may have been accessing the system from within.

Department of Homeland Security Assistant Secretary for Cybersecurity Dr. Andy Ozment testified that encryption would “not have helped in this case” because the attackers had gained valid user credentials to the systems that they attacked - likely through social engineering. And because of the lack of multifactor authentication on these systems, the attackers would have been able to use those credentials at will to access systems from within and potentially even from outside the network.

Keep in mind that China is being blamed for the intrusion.

Some of the contractors that have helped OPM with managing internal data have had security issues of their own - including potentially giving foreign governments direct access to data long before the recent reported breaches. A consultant who did some work with a company contracted by OPM to manage personnel records for a number of agencies told Ars that he found the Unix systems administrator for the project “was in Argentina and his co-worker was physically located in the [People's Republic of China]. Both had direct access to every row of data in every database: they were root. Another team that worked with these databases had at its head two team members with PRC passports. I know that because I challenged them personally and revoked their privileges. From my perspective, OPM compromised this information more than three years ago and my take on the current breach is ‘so what’s new?’”

Meanwhile, via AoSHQ, No Drama Obama is standing by the OPM’s wise Latina.

President Obama is standing by Office of Personnel Management (OPM) Director Katherine Archuleta despite a series of massive data breaches that have shaken the federal government, the White House said Wednesday.

“The president does have confidence that she is the right person for the job,” spokesman Josh Earnest told reporters.

Of course! Nothing to see, here.
http://pjmedia.com/tatler/2015/06/1...it-contractors-was-located-in-mainland-china/
 

Dale00

Bribery and now blackmail. Two tools for subverting our federal government. I'd like to think that someone in the federal government is on top of this and working to turn a bad situation around, but I do not.

...They got what they came for.

“I think they have 95 percent of what they want from both U.S. industry and government,” said Tom Kellermann, chief cybersecurity officer at security research firm Trend Micro.

While China’s aggressive hacking operations are certain to continue, experts say the mammoth data breach at the Office of Personnel Management is a watershed event that will allow Beijing to move from broad reconnaissance to narrowly tailored snooping.

Having already obtained private information on up to 14 million federal employees - including Social Security numbers, arrest and financial records, and details on mental illness and drug and alcohol use - China’s hacking teams can now retreat to the shadows.

“For this point in time we won’t see another massive attack like this. Instead, it will be more targeted ones,” said Tony Cole, global government chief technical officer for security firm FireEye, which has conducted extensive research on Chinese cyber campaigns.

U.S. officials are still trying to figure out the full scope of the data breach, which is believed to have affected security clearance information for the military and spy agencies.

While the United States has not publicly blamed China, investigators privately say China was behind the cyberattack.

The OPM hacks have likely helped China fill out an exhaustive database of federal workers that their teams have slowly been building for over a year.

“Knowing almost every person is incredibly helpful,” said Dmitri Alperovitch, co-founder of cybersecurity firm CrowdStrike, which monitors critical infrastructure attacks. “That type of information they presumably never had access to before.”

Because the hack went undiscovered for a year, the hackers likely had time to do an exhaustive sweep through federal networks.

“If somebody was in last year and they had that much time,” Cole said, “then the odds are that they have a huge cache and have really taken all the crown jewels in that system.”

It appears the digital infiltrators were casting a wide net, similar to the tactics used when targeting health insurers like Anthem and Premera Blue Cross.

While those attacks compromised the Social Security numbers and personal information of more than 90 million people, researchers suspect that the goal was collecting information on U.S. government officials.

With the OPM hack, they likely hit the mother lode.

With a deep data set now safe in hand, Chinese hackers can shift to a “much more clandestine” stage of espionage, Kellermann said.

“They’re going through this data now, and more than likely they're looking for a candidate on whom they may actually want to try and gather more data,” Cole said.

Cole said these digital warriors are looking for exploitable personal details - people who have seen counselors or psychiatrists, for instance.

The thought, Cole said, is “Let’s find out who the counselor is, go crack their system.”

“There's plenty of information that they could still collect in terms of full medical records or more details or financial records,” Alperovitch said.

Beijing officials aren’t going to lose an appetite for maintaining the most comprehensive database possible on U.S. workers, which is a valuable resource in the emerging era of cyber warfare.

Cole suspects the OPM hacking team left behind so-called “beachheads,” essentially undetected entry points that could allow intruders back into a network even after getting kicked out.

“It’s difficult to actually dig through and find all of those indicators,” Cole said. “The government does have some good experts, however, not a lot of them.”

In due time, the Chinese hackers will be back for more.

“They will always be interested in coming back for updates,” Alperovitch said. “The reality is these are campaigns. And persistent campaigns.”

“I have no worries,” he added, “about Chinese intelligence operatives being out of work any time soon.”
http://thehill.com/policy/cybersecurity/245614-chinas-hackers-got-what-they-came-for
 
