[cryptome] Re: USG v Apple: Hack of US government Security clearance system

  • From: douglas rankine <douglasrankine2001@xxxxxxxxxxx>
  • To: cryptome@xxxxxxxxxxxxx
  • Date: Sat, 5 Mar 2016 19:18:30 +0000

It gets worse...American children exposed to the Chinese Secret Service...what is the world coming to...And do the US establishment care...doesn't seem like it. And there was I...watching a programme with all those POTUS candidates, kissing kids and telling everyone how lovely they are and how we have to get America out of the shit, and make it great again, by building walls and fortresses across the American South. Barriers seem to be misplaced these days. A bit like Antonines Wall in Scotland holding back the Sassenachs and Romans from the Gaels.

Two class-action lawsuits have been filed against the agency and Archuleta.

“Today’s new number is staggering,” said William R. Dougan, president of the National Federation of Federal Employees. He added that “it is not yet clear how OPM can handle this massive increase, when they were already struggling with the initial 4.2 million. Now, not only do federal employees have to worry about their own personal information being exposed – but they must also worry about their spouse and children having their information compromised.”

The White House is said to be weighing how to respond to what is being considered an aggressive act of espionage. U.S. officials said options include covert cyber-measures as well as punitive economic sanctions, although the nation’s ability to claim outrage has been undermined by the exposure of its own global spying programs by former intelligence contractor Edward Snowden.

Those responsible for the hack appear to have had access to OPM records for months. U.S. officials said the theft of security-clearance data took place over a six-month stretch that ended in January. The personnel records were stolen from October to April.

The breach of personnel records was discovered in April as a result of new cybersecurity tools OPM had installed, said Andy Ozment, the Department of Homeland Security’s assistant secretary for cybersecurity.

Officials said the thieves broke in by using stolen contractor logins and passwords. Although U.S. officials have said the intrusions were traced to the Chinese government, the Obama administration has not formally accused Beijing.

On 05/03/2016 19:08, douglas rankine wrote:

!The U.S. government has said it will offer the affected employees at least three years of credit monitoring and other identity-protection services. But OPM faces rising anger among members of federal employee unions who say they have received scant information about the breaches."

Well, at least you can't say that the US government doesn't look after its own...:-) . Nice to know that the economic disadvantages of the hack will be protected by the government...

On 05/03/2016 19:04, douglas rankine wrote:
"The CIA, largely appears to have been shielded from damage, especially for employees who have never worked at any other agency, officials said."
That means that by a process of sifting and sorting and elimination, every US diplomat serving abroad who is NOT on the list, must be suspected of being a CIA employee or officer....

On 05/03/2016 19:00, douglas rankine wrote:
"No evidence that breach was exposed for criminal purposes..." That is reassuring. Every govt employee must feel relieved about that...

The hackers’ access was so extensive that U.S. officials said they think it is “highly likely” that every file associated with an OPM-managed security clearance application since 2000 was exposed. Background checks before that time were less likely to be affected, officials said.

The CIA, largely appears to have been shielded from damage, especially for employees who have never worked at any other agency, officials said.

/[Officials: Hackers had access to security data for a year <http://www.washingtonpost.com/blogs/federal-eye/wp/2015/06/18/officials-chinese-had-access-to-u-s-security-clearance-data-for-one-year/>]/

Even so, some U.S. officials have said that a foreign spy service might be able to identify U.S. intelligence operatives by scrutinizing the OPM files. Names that appear on rosters of U.S. embassies but are missing from the OPM records might, through a process of elimination, reveal the identities of CIA operatives serving under diplomatic cover.

“That’s not conclusive that the person might be undercover CIA,” said one U.S. official, who spoke on the condition of anonymity to discuss the sensitive topic. “But it’s certainly worth taking a look at.”

Of those whose data was in the OPM background-check system, 19.7 million had applied for a security clearance. An additional 1.8 million were spouses, family members and other non-applicants, officials said.

Also exposed were 1.1 million sets of fingerprints, detailed financial and health records, and computer usernames and passwords that applicants used to fill out their security-clearance forms online.

OPM Director Katherine Archuleta indicated during a conference call with reporters that there is no evidence that the breach has been exploited for criminal purposes, saying, “There is no information at this time to suggest any misuse.”

On 05/03/2016 18:41, douglas rankine wrote:

When one thinks of the sheer enormity of this hack...and to see it quoted in a court case where the FBI is spending so much time and resources in finding out the info on one Iphone, yet the rest of the government appears to be doing nothing to protect all those employees who work for it. Really is quite shocking. The government is even saying that it was the Chinese government who did the hack and that the information was available for a whole year, before the hack was discovered!!! Of course, the hack was the fault of the Chinese, and they shouldn't have done it. To take advantage of the US in such a way is just downright unethical, illegal and against the very best of international friendship and diplomacy. The stuff wasn't even encrypted!!!.

It really is quite an amazing case this one. One wonders just what the American people are going to do when sufficient numbers of them discover just how much their privacy and secrecy has been compromised. Imagine, all those names, addresses, all sorts of identifiers, jobs, security clearances, who has applied for what, available to the Chinese secret services and government, yet here we have huge amount of resources being spent on mounting a campaign against Apple because the government says it can't get access to information about one terrorist and his networks and circle of friends, aquaintances and fellow conspirers. And all being exposed in the USG v Apple case...

Other related posts: