Last Week's Chinese Hack of Federal Employee Info

The bold and successful hack of our Federal Employee database is a BIG DEAL. I’m sure you’ve heard that this information can be used for:

  • phishing schemes
  • identity theft
  • credit attacks
  • e-mail hacks
  • blackmail
  • collection of further, more important and damaging information

In order to fully comprehend the importance of this effort, we have to look at what was done, and what can happen as a result.

Personal information regarding current and past employee identities was stolen. This information gives the thieves leverage in attaining more information. The easiest and most useful information to be sought is login credentials for e-mail accounts. The methods used for getting hold of this data are made easier with the personal info. Here is where brute-force attacks by hordes of boiler-room hackers come into play.

E-mail accounts typically store large amounts of communications going back years, if the accounts are that old. These communications become hard to organize and sanitize as the databases grow, simply because most people are too lazy to properly manage them. Sensitive communications, sometimes kept because the owners have emotional ties to them and believe they are secure, are valuable to blackmailers. Sensitive information of national security importance is kept as well. Notes with details for security contractors, equipment builders and suppliers, and names of important individuals within those organizations can be found. The further back the databases go, the greater the odds that some information is outdated, but also the greater the odds that contact info for important individuals who have moved into private employment can be mined.

Here is one important area that seems to be overlooked in all the media reporting. People move into different positions within public service, move into private service, take up lobbying positions and contractor roles. Some go to work for defense contractors favorable toward them for their official government assistance. In many cases, official e-mail is used to arrange for these changes in life. There are public and private paper trails pointing to important partnerships and liaisons. Creative hackers, phishers, imposters and impersonators, manipulators and control agents are certainly able to use the stolen information to access further important credentials and, ultimately, work to compromise individuals, organizations and even critical public or military infrastructure.

Just as the initial breach and theft were unknown to us generally dumb public individuals, further and deeper probes and victories will be kept quiet as long as possible. Whereas this recent breach could not help but be exposed by the necessary public notification to millions of employees that credit watch programs were being instituted, the follow-up attacks will be much easier to conceal. They will be smaller in number, and targeted, not blanket attacks. They will focus on specific individuals – those with important positions and access.

Information is power, and those with some will want a lot more. I heard today that the theft wasn’t just of personal information. It also included security clearance information. I could not get much more info than that, but clearance credentials are powerful keys to sensitive parts of our government and defense. This is information that I’m sure the 2nd and 3rd generation of hack and discovery promised to reveal. I think they were lucky, and are having loud and evil celebrations because of it.

It’s no secret to anyone reading this blog that my own personal concerns over domestic security revolve around the damage possible via an EMP strike, or a cyber attack on our grid. A kill shot to our power infrastructure, or even a serious blow, is an active goal of our enemies. The methods available to the info-thieves are so many that I sigh at even trying to reproduce them here. So I’ll just get to the meat of this….

Our risk of some sort of grid shot just went up considerably. If the enemy cannot deliver a disruptive attack directly, he’ll try to worm his way in from afar. Both methods are under development. Thinking on the theft, I’m of the mind that my belief on the manner of attack may be in error. It may be more likely that a cyber attack by a major nation state, with a degree of plausible deniability, winds up being the preferred method. It doesn’t take out command and control, but it does tie up huge amounts of resources, and leaves us weak. This winter may be a cold one….
