VAUNTED U.S. HACKER ALERT DIDN’T WORK
The U.S. government is worried that hackers who raided more than four million federal employment files will use their loot to pry into more-secure computers and plunder secrets about the U.S. military, economic strategy or foreign relations.
Federal officials said Friday the cyber-attack appeared to have originated in China, but did not point fingers directly at the Chinese government. The Chinese said any such accusation would be “irresponsible and unscientific.”
Federal employees were told in a video to change all their passwords, put fraud alerts on their credit reports and watch for attempts by foreign intelligence services to exploit them. That message came from Dan Payne, a senior counter-intelligence official for the director of national intelligence.
“Some of you may think that you are not of interest because you don’t have access to classi- fied information,” he said. “You are mistaken.”
White House spokesman Josh Earnest said he could not divulge much while the case was under investigation. Still, he noted investigators “are aware of the threat that is emanating from China.”
One U.S. official said the breach was being investigated as a national security matter, suggesting authorities believe a nation was behind it rather than a more loosely organized gang of cyber-criminals.
The break-in is an embarrassing showing for the U.S. government’s vaunted computer-defence system for civilian agencies — dubbed “Einstein” — which is costing $376 million this year alone. It’s supposed to detect unusual Internet traffic that might reflect hacking attempts or stolen data being transmitted outside the government.
This latest breach occurred in December but wasn’t discovered until April, officials say. It was made public Thursday.
“The scale of it is just staggering,” said Rep. Adam Schiff of California, top Democrat on the House intelligence committee. There’s no telling how many more attacks could be spawned by the information stolen in this case, he said.
Although most Americans think of identity thieves stealing from credit card or bank accounts, the information about civilian federal workers has other value for foreign spies.
“They’re able to identify people who are in positions with access to significant national security information and can use personal data to target those individuals,” said Payne.
Details from personnel files could be used to craft personalized phoney messages to trick workers. Federal employees who think they are opening an email from co-workers or family members might infect their computers with a program that would steal more information or install spy software. Spies also could use details about an employee’s interests or background to befriend them and try to manipulate them into revealing secrets.
Kevin Mitnick, a former hacker who runs Mitnick Security Consulting of Las Vegas, called the confidential details “a gold mine.”
“What’s the weakest link in security?” he said. “The human. Now you know all about your target.”
The Homeland Security Department said it used Einstein to confirm the breach. But that’s the equivalent of a smoke alarm sounding after the house burned down.
“It didn’t fare so well,” said James Lewis, a cyber-security expert at the Center for Strategic and International Studies, a Washington think-tank. “It’s only a victory if you defeat the opponent, and we didn’t.”