Chinese hackers

Enter the dragon

This month’s issue of the Portal is all about the giant hack of the Office of Personnel Management’s files. Anyone who has applied for a government security clearance since 2000 – or is a close relative or friend of someone who did – should definitely read the article. But everybody else should be very concerned as well, for the implications are universally dire.

It was called “the worst hack of all time” early on and the more we know, the more accurate that assessment seems to be. In terms of numbers, it’s big and growing – from over four million people affected to now more than twenty-two million. But even more important than the amount is the kind of information stolen: not just everything needed to steal identities, but the most intimate and sordid details of a person’s life gained from security interviews. Even a million fingerprints have been taken. Frighteningly, one question that may never be answered is whether or not the hackers changed or deleted any information. In any case, our entire intelligence service has been compromised.

The government’s failure to act swiftly is not helping. The director finally resigned recently, but the authorities still seem to be floundering around as if paralyzed in shock. They’ve belatedly upgraded website security measures and offered free credit monitoring to affected employees. Given the kind of exposure involved, this all seems woefully inadequate, and indeed, is causing fear and anger among the ranks to grow.

But Director of Intelligence James Clapper, with grudging admiration, finally named a single suspect – China – surprising nobody. One reason for the delay may be that calling them out will require the government to consider an appropriate reaction, which will likely just make things even more confrontational and dangerous. Already one Congressman has said that the country is under attack, and others that it was worse than 9/11.

It will take a while for the true extent of the assault to be understood, and even longer to develop a strategy to minimize the effects. At a minimum, it could lead to much more stringent identification and authentication methods. At worst, it could lead to cyberwar.

SWCP will continue to follow this, and other important Internet security news, and update you here and in the Portal as events unfold.