Thursday, January 14, 2016
Data Theft Is a National Security Threat
security clearance dossiers of more than 22 million Americans. It was the
most catastrophic cyber data breach in U.S. history, with the potential to
inflict incalculable damage to our national security. Yet the response from
the Office of Personnel Management (OPM)-the agency that failed to protect
the files in the first place-has been curiously and dangerously
The laid-back tone was set early on. The administration released news of the
theft in dribs and drabs. To date, the full story of what was compromised
The OPM breach is stunning in many ways. For one thing, it was absolutely predictable. For years, the Inspector General had reported security shortfalls in OPM’s information technology infrastructure. Yet OPM ignored these problems. While OPM paid scant attention to the Inspector General’s reports, the Chinese appear to have read them closely and moved to exploit the uncorrected vulnerabilities.
China isn’t interested in stealing money from U.S. government workers.
The attack was conducted to gather sensitive, actionable information and, by extension, achieve a deeper understanding of U.S. national security programs. The adversary will continue its attempts to gain additional information on vulnerable victims.