Office of Personnel Management Data Breach Reminder for Security Measures That Emphasize Faster Detection is Necessary


By Muddu Sudhakar


Once again, the U.S. government was caught unaware when a massive cyber attack targeting
the Office of Personnel Management compromised millions of records – up to 14 million and
possibly more – that contained highly personal information of current and retired federal
employees. The breach, which is now believed to be one of the largest thefts of U.S.
government personnel data in history, is reflective of an increasingly sophisticated and rapidly
evolving threat landscape that presents exponentially more challenges for organizations than in
previous years. However, there are a few takeaways from this recent attack that organizations
can and should consider when investing in cyber security solutions to protect their critical
assets.

First, the OPM federal breach clearly indicates the growing sophistication and targeted nature of
cyber threats. In the case of OPM, attackers managed to infiltrate sensitive government
databases and target current and former federal workers from almost every government agency
in the country, as well as numerous private sector employees and contractors. Among the
enormous list of targets were top Obama administration officials, which included former and
current cabinet members. Officials predict that the attackers will likely leverage this stolen
personal information from the compromised databases to impersonate government workers in
phishing, spear phishing and other "insider" attacks. This kind of sophistication and coordination
mirrors other high-profile assaults against Sony Pictures, JP Morgan Chase, and Premera Blue
Cross among others. Going forward, organizations should anticipate similar attacks that
leverage advanced techniques to achieve their political and financial objectives.

Secondly, attackers will continue to first target low-hanging fruit – unencrypted data – that gives
them an easy entry into critical systems. The targeted OPM data included background check
application information, which incorporates medical and travel histories, arrest and drug records
and contact information for other people. Yet perhaps surprisingly, this highly sensitive data
remained in government databases unencrypted and vulnerable to attack. Encrypting data is a
fundamental security practice that should be a mandatory part of federal security policies. The
days of government turning a blind eye to the security of its critical assets are long over. This
kind of gross negligence is a matter of national security, and going forward, will be increasingly
unacceptable.

Third, the OPM attack is part of a growing wave of foreign cyber threats sourced to China,
Russia, and elsewhere, that will only become more severe in years to come. Like many other
high-profile breaches, the OPM attack is believed to have originated from China – possibly by
the same Chinese hackers that targeted Anthem Insurance earlier this year, according to reports.

Cyber Warnings E-Magazine – July 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
