Hackers stole data for every federal employee

sublight_

sublight_

ACCESS: Top Secret
Senior Member
Joined
25 August 2012
Messages
1,101
Reaction score
501
Website
www.reddit.com
It's funny that there is always so much debate on every new weapons platform and program, and yet we are losing the biggest battle ever, right under our noses with little to no fanfare.

Millions of federal employees just became juicy espionage targets. This is the kind of thing that should have US intelligence agencies shatting their pants right about now.
 
And yet nobody bothers to do anything about it aside from locking the door after the horse is gone.
 
More reports regarding the two attacks:

ca.reuters.com

Reuters | Breaking International News & Views

ca.reuters.com ca.reuters.com
www.bbc.com

German parliament cyber-attack still 'live'

A cyber-attack on the German parliament uncovered a month ago is still stealing data from Bundestag computers, report German media.
www.bbc.com

Russian hackers accused of attacks on Bundestag and French TV broadcaster

www.telegraph.co.uk www.telegraph.co.uk
www.csoonline.com

German parliament may need to replace all software and hardware after hack

Some parliamentarians are refusing help from German intelligence services, a report said
www.csoonline.com www.csoonline.com

www.bbc.com

Millions of US government workers hit by data breach

Chinese hackers are suspected of carrying out a "massive breach" affecting the personal data of millions of US government workers, officials said.
www.bbc.com
abcnews.go.com

OPM Hack Far Deeper Than Publicly Acknowledged, Went Undetected For More Than A Year, Sources Say

abcnews.go.com abcnews.go.com
 
And it just keeps getting better:

http://www.nationaljournal.com/tech/hack-opm-office-personnel-management-cyber-million-20150709
 
a semi official German magazine claims hackers briefly took over German Patriot batteries in Southeast Turkey . Let's all go ask Tom Cooper whether this is all BS or Russians now support MiG-25 flybys by preventing barrage fire ...
 
sublight is back said:
It's funny that there is always so much debate on every new weapons platform and program, and yet we are losing the biggest battle ever, right under our noses with little to no fanfare.

Millions of federal employees just became juicy espionage targets. This is the kind of thing that should have US intelligence agencies shatting their pants right about now.
Click to expand...
whats juicy about these targets? I don't think that I am being niece when I suggest that this is a low-grade haul for the attacking agency.
 
covert_shores said:
sublight is back said:
It's funny that there is always so much debate on every new weapons platform and program, and yet we are losing the biggest battle ever, right under our noses with little to no fanfare.

Millions of federal employees just became juicy espionage targets. This is the kind of thing that should have US intelligence agencies shatting their pants right about now.
Click to expand...
whats juicy about these targets? I don't think that I am being niece when I suggest that this is a low-grade haul for the attacking agency.
Click to expand...

Why would you think there are no federal employees with access to sensitive information?
 
I don't think that none of those affected have sensitive accesses, but it was their personnel data which was breached not their system accesses to other systems, e.g passwords. And the OPM does not manage military or intelligence staff, or other highly privileged groups.

I agree that it's not good that the breach occurred. But hardly the greatest battle and no indication in my mind that U.S. has lost the virtual war.
 
covert_shores said:
I don't think that none of those affected have sensitive accesses, but it was their personnel data which was breached not their system accesses to other systems, e.g passwords. And the OPM does not manage military or intelligence staff, or other highly privileged groups.

I agree that it's not good that the breach occurred. But hardly the greatest battle and no indication in my mind that U.S. has lost the virtual war.
Click to expand...

But it DOES give them information as to who is vulnerable to being leaned on. Part of the problem is just knowing who the right targets are. This will make that bit much easier.
 
covert_shores said:
I don't think that none of those affected have sensitive accesses, but it was their personnel data which was breached not their system accesses to other systems, e.g passwords. And the OPM does not manage military or intelligence staff, or other highly privileged groups.
Click to expand...

OPM manages (IIRC) all non-DOD federal employees and pretty much all security clearances, which are processed through OPM's eQIP software system. So basically, the hackers may have the full content of some security background investigations. The fact that any compromising info in those investigations was already disclosed by the clearance holders helps reduce the blackmail potential but doesn't eliminate it -- people disclose stuff in their BIs that they woudn't necessarily want their spouses or neighbors to know. Those forms also include enough biographic info to help attack user accounts directly (answers to some password recovery questions, for example, yif you're foolish enough to answer them honestly).

OPM also holds personnel appraisals for most Federal employees -- low performers might be targets for exploitation as disaffected workers, for example.
 
Those are uses for the material, I'm just not thinking this breach is as big an issue as is being made out. Without being specific I can think of easier ways to identify federal employees who can be blackmailed. Countries with developed foreign military intelligence networks, e.g. China and Russia plus some friendly countries, are already adept at locating weak individuals, and these federal employees are worth much less to them than military or intelligence I think.

The alleged compromise of F35 program is a much bigger deal is bet.
 
Grey Havoc said:
http://www.nationaljournal.com/tech/opm-hack-fingerprints-china-20150714
Click to expand...

How much worse can this thing get? Lets dump all the fingerprint scanners and go "iris"....
 
sublight is back said:
Grey Havoc said:
www.nationaljournal.com

How Much Damage Can the OPM Hackers Do With a Million Fingerprints?

The pilfering of 1.1 million fingerprints is "probably the biggest counterintelligence threat in my lifetime," one former NSA official said.
www.nationaljournal.com www.nationaljournal.com
Click to expand...

How much worse can this thing get? Lets dump all the fingerprint scanners and go "iris"....
Click to expand...

You had to go and ask: http://www.cnbc.com/2015/09/23/offi...ed-to-have-fingerprints-stolen-in-breach.html
 
yro.slashdot.org

New US 'Secret' Clearance Unit Hires Firm Linked To 2014 Hacks - Slashdot

An anonymous reader quotes a report from Reuters: A U.S. government bureau set up to do "secret" and "top secret" security clearance investigations has turned for help to a private company whose login credentials were used in hack attacks that looted the personal data of 22 million current and...
yro.slashdot.org

It never rains but it pours.
 

Similar threads

Back
Top Bottom