OPM Cyber attack: Impact on Federal IT
If you’ve watched the news in the last 6 months, chances are you’ve heard about the Office of Personnel Management’s mismanagement of the security of personnel data, aka the OPM cyber attack, especially if you’re a Federal employee/contractor or military and have received “the notice” in the mail. The not-so-recent hack has made headline after headline, with millions of military and federal employees left hanging out to dry, possibly to become the target of one or more identity theft attacks. That being said, what is happening across the Federal information systems domain to fix what some have described as a systemic problem? First we look at the problems leading up to the OPM hack that was announced on July 9th, 2015, per Ars Technica.
In May 2014, OPM responded to a security incident. The actual details of how the penetration was discovered, and how long it had been vulnerable, are unknown.
This event wasn’t reported to the House Government Oversight Committee immediately and was only shared with “relevant agencies in June.” In Katherine Archuleta’s statement at the House Government Oversight Committee’s hearing, she stated “In early May, the interagency incident response team shared with relevant agencies that the exposure of personnel records had occurred.” She went on to state that “During the course of the ongoing investigation, the interagency incident response team concluded later in May that additional systems were likely compromised, also at an earlier date. This separate incident—which also predated deployment of our new security tools and capabilities—remains under investigation by OPM and our interagency partners. In early June, the interagency response team shared with relevant agencies that there was a high degree of confidence that OPM systems related to background investigations of current, former, and prospective Federal government employees, and those for whom a federal background investigation was conducted, may have been compromised.”
Katherine Archuleta had been sitting in the hot seat since this breach of epic proportions was discovered and has since resigned, stepping down from her position on July 10th. With what is now known to be an estimated 21.5 million victims (National Journal, 2015) from this attack, who in the government domain is next?
In the wake of OPM’s poor decision making and management of its security policy, Federal CIO Tony Scott has ordered a “30 day sprint” to get Federal agencies to take the problem seriously and assess their security policies and, in many cases, their systems’ potential vulnerabilities to an attack, according to GCN. Lax security policies have been the ‘status quo’ for years in the Federal sector, with the chairman of the House Intelligence Committee, Mike Rogers, declaring in 2013 that “95% of the private sector are vulnerable” (Security Affairs, 2015) and that the Federal IT infrastructure was just as vulnerable. These forewarnings told of massive breaches that were imminent, yet, seemingly, in light of OPM, they went unheeded.
Network intrusions on .gov and .mil domains have tripled since 2009, from around 29,000 attacks that year to almost 70,000 separate intrusion attempts in 2014 alone, according to data from The Hill. 2015 is on track to become another record year. This isn’t the first cyber-attack against Federal IT infrastructure, and it won’t be the last unless something is drastically changed. A “30 day sprint” isn’t going to fix the problem. Many security researchers project a massive attack against DOD classified systems in the near future unless drastic institutional changes are made.