Morale: The Chinese Checkmate

Archives

November 24, 2015: American members of SOCOM (Special Operations Command) were dismayed in late 2015 when they all began receiving letters from OPM (Office of Personnel Management) confirming that unknown (but presumably Chinese) hackers had made off with their detailed (including background investigation material) personnel files. This includes fingerprints, details of family members and much more. The theft included all military personnel, including former members and the retired. Since the CIA recruits many of its field agents from former (often retired) SOCOM personnel, many key CIA people were now much less secret.

Word quickly got around that this would not have happened if the United States had taken the same precautions that other Western nations, and even the CIA, take with the personnel records of key military and intelligence personnel. These precautions usually involve making it impossible to access those records via the Internet. OPM had not done that and instead relied on the belief that their Internet security measures were adequate.

Several months earlier the United States was forced to admit that its Internet security efforts failed and that allowed critics within the Department of Defense to go public with the embarrassing reasons why. The main fault lies with poor leadership and that is seen in unwillingness to ensure that basic things, like making sure all systems are patched promptly when software publishers (especially for Operating Systems) make patches available. Too many commanders let these patches accumulate because that’s an old habit in the military. Many commanders, and services (especially the air force) behave like their networks are just air force and forgetting that all Department of Defense networks are connected (except for the ones deliberately kept off the Internet).  These bad attitudes were worse in many civilian agencies, including, obviously, OPM.

All this is the result of a very embarrassing recent Internet based attack. On June 25th the U.S. openly named China as the chief suspect in an April hacker attack that made off with government databases containing  personal information on nearly twenty million government employees (active and retired.) This included data collected for people applying for security clearances.

The Chinese connection appears to have been be confirmed and a few American officials responsible for protecting networks have been replaced. China has officially denied any involvement. Hackers can use the stolen information (personal data on over 20 million Americans, including digital fingerprints for some) for various types of online larceny, or espionage or both. What is particularly worrisome (and making China look even more guilty) is the fact that none of that data has shown up on the Internet black market. Aside from Internet based fraud, the other major use of that data is espionage and trying to blackmail and turn current American intel personnel.