General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region Forums‘Collective Panic’ Spreads Among Federal Employees Over OPM Hack
http://www.buzzfeed.com/sheerafrenkel/federal-employees-describe-collective-panic-after-massive-ha#.doydbwgwQrThat is just one of many examples of how sensitive information from the compromised security-clearance applications which run to 117 pages in length apiece, not including additional supporting documentation and computer files could be used to raise all kinds of hell for Americans abroad. Another example, reported by Business Insider, concerns a retired military man who disclosed a 20-year affair in his security clearance application. These files are chock-a-block with juicy blackmail information.
Remember, the data breach actually happened near the end of last year it was discovered, apparently by accident, in April, and not disclosed to the millions of victims until now. In previous identity-theft hacking operations, such as the big scores pulled off by Russian gangs over the past few years, the stolen data was sold on black-market websites while it was still fresh. That is one of the ways security investigators learned the extent of the crimes they monitor shadowy criminal data markets carefully. The gang that pulled off the biggest data heist in history does not seem interested in making a few bucks by selling off their wares, or by using the data themselves for financial crime.
Purveyor
(29,876 posts)these employees/officials, top to bottom.
Aerows
(39,961 posts)that this had gone on for so long before they noticed it!
marym625
(17,997 posts)And keeping us informed. Such an unbelievable breach.
The only good thing is that since this has been going on, no one has been hurt because of it. Or is that why the sudden publicity about it and the governments trying to lay blame on you know who
Have to say, my mind is reeling at the moment thinking about things that have happened in the last few years
Kablooie
(18,641 posts)encrypted data is much harder, or impossible to access without knowing the keys.
It also can be accessed nearly as quickly as unencrypted data if the software has the key so there is really no reason for it not to be encrypted.
One government official said that encryption is new technology so they haven't had time to implement it.
Public encryption has only been available for -- 24 years. I guess a quarter century isn't long enough and of course government developed encryption systems much earlier.
Aerows
(39,961 posts)how long it was before they noticed. I agree with the other points you make, too, which is the foundation of the shit sundae, but taking that long to realize it was just the damn cherry on top.
They are also attempting to dodge responsibility for it, too. So obviously, it makes a lot of sense to blame Snowden, because how dare Clapper, Alexander and the gang need to take responsibility for anything. I mean, hey - they can stand up and lie to Congress and get away with it.
haele
(12,682 posts)Because previous threats to information have been through the insider threat, or through improper email/file security.
Warnings about maintaining the latest encryption, protection of personal information (PPI) processes and other information security actions against both inside and outside hackers in the federal government have gone on for years and years (and years), but since upper level management was driven more by bean-counters and sequester politics than their actual responsibilities to their tasking and data, security always took a back seat.
The information was protected by a firewall on a system that "could only be accessed by official personnel" with either a ID/password or CAC/PIN.
That was supposedly good enough, right? We don't have to spend that time convincing Congress that we need couple million dollars of new infrastructure and to hire a couple hundred IT specialists to encrypt all the data over a period of 3 - 5 years for our increasingly underfunded agency, right? After all, we have a firewall and our crack in house IT crew - oh, which we just privatized to BAH because we had to cut our OPN and mission funding costs and transfer it over to the contracts side of the house.
Well, the chickens have come home to roost.
Haele
FlatBaroque
(3,160 posts)The Russians are coming!! The Chinese are right behind them!!
Aerows
(39,961 posts)that suddenly the story about the Russians and Chinese decrypting the files came right after this story.