‘Convenience,’ ‘accessibility’ blamed for easy hack of OPM systems: DHS, FBI

Tuesday, January 26, 2016 by

(Cyberwar.news) The hack of the U.S. government’s Office of Personnel Management information systems discovered last year was “likely” aided by an emphasis on “convenience” and “accessibility” rather than on cybersecurity, an investigation by the Department of Homeland Security and the FBI has concluded.

As reported by FCW, investigators also concluded that a continued lack of strong information technology (IT) policies is putting OPM “at high risk for future intrusions.”

“Convenience and accessibility [have] been prioritized over critical security practices,” says a Dec. 23 “cyber alert” that was distributed to cleared contractors by the Defense Security Service on behalf of DHS and the FBI, FCW reported.

Further, investigators found that “inadequate” patching of the agency’s sub-systems is “symptomatic of a greater patching problem” within OPM, according to the unclassified memo.

Government cybersecurity experts discovered the OPM breach in June, which the agency says compromised data on more than 21 million current and former government employees.

The memo details what cyber security experts at DHS’s Computer Emergency Readiness Team and the FBI have gleaned from the hack that compromised the government’s personnel system, angered lawmakers and began a new conversation about cyber warfare and security in the nation’s capital.

“The quietly distributed, dispassionate analysis is arguably more instructive for information security professionals than the hours of congressional hearings that have been devoted to the breach,” FCW reported.

In addition to providing an analysis of the hack, the memo also listed several generally recommended security practices: installing personal firewalls at agency workstations; monitoring users’ online habits and blocking sites that are potentially malicious; using encryption for data at rest and in transit; and looking into “outbound network traffic observed over TCP port 53 that does not conform to the DNS [Domain Name System] protocol.”
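The last recommendation can be turned into a concrete check. The sketch below is an added example, not taken from the memo or from FCW: it tests whether a reassembled client-to-server TCP port 53 byte stream is framed and structured as DNS queries per RFC 1035. The function names are hypothetical, the sample bytes are constructed, and it assumes the full stream has already been reassembled by a capture tool.

```python
import struct

HEADER_LEN = 12                      # fixed DNS header size (RFC 1035 section 4.1.1)
EXPECTED_OPCODES = {0, 2, 4, 5}      # QUERY, STATUS, NOTIFY, UPDATE

def end_of_qname(msg, off):
    """Return the offset just past the QNAME at `off`; raise ValueError if malformed."""
    total = 0
    while True:
        if off >= len(msg):
            raise ValueError("QNAME runs past end of message")
        length = msg[off]
        off += 1
        if length == 0:
            return off
        if length > 63:              # also rejects compression pointers (0xC0+)
            raise ValueError("label longer than 63 octets")
        total += length + 1
        if total > 254:              # 255-octet name limit, minus the root label
            raise ValueError("name longer than 255 octets")
        off += length

def check_tcp53_stream(stream):
    """Check one reassembled client-to-server TCP/53 byte stream.
    Returns (True, message_count) or (False, reason)."""
    pos = count = 0
    while pos < len(stream):
        if len(stream) - pos < 2:
            return False, "truncated length prefix"
        (msg_len,) = struct.unpack_from("!H", stream, pos)   # RFC 1035 section 4.2.2
        msg = stream[pos + 2 : pos + 2 + msg_len]
        if msg_len < HEADER_LEN or len(msg) < msg_len:
            return False, "length prefix does not frame a DNS message"
        _id, flags, qdcount = struct.unpack_from("!3H", msg)
        if flags & 0x8000:
            return False, "QR bit set on a client-to-server message"
        if (flags >> 11) & 0xF not in EXPECTED_OPCODES:
            return False, "unexpected opcode"
        if qdcount != 1:
            return False, "QDCOUNT is not 1"
        try:
            if end_of_qname(msg, HEADER_LEN) + 4 > len(msg):
                return False, "missing QTYPE/QCLASS"
        except ValueError as exc:
            return False, str(exc)
        pos += 2 + msg_len
        count += 1
    return (True, count) if count else (False, "empty stream")

def build_query(name):
    """Build a sample A-record query with its TCP length prefix (constructed test data)."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    msg = struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!2H", 1, 1)
    return struct.pack("!H", len(msg)) + msg
```

A stream that fails this check is a lead for review rather than proof of misuse, since a truncated capture fails the framing test as well.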

The memo does not list OPM by name, referring instead to the agency as “Organization 1.” However, FCW reported, at least a half-dozen cyber intelligence experts – some of whom are former officials – reviewed the memo and said they believe it is likely referring to OPM based on a number of key data points. The web site said a pair of OPM officials who saw the memo agreed.

The breach cost former OPM Director Katherine Archuleta her job and has put pressure on remaining OPM officials to bolster cybersecurity of the agency’s IT systems.

Several cyber security experts have said they believe that China was behind the hack, though the Obama administration has yet to publicly implicate Beijing.

CNN reported China could be constructing a massive database of U.S. government employees. The news network also reported that law enforcement sources said the same hackers responsible for the OPM theft were also behind the hack of Anthem Insurance earlier last year, in which information on tens of millions of customers was stolen.

As Cyberwar.news reported earlier, there was initially some concern that the hackers could misuse fingerprint files on some government employees contained in the OPM databases.

However, according to the agency, “federal experts believe that, as of now, the ability to misuse fingerprint data is limited.”

Still, officials further acknowledged that, in the future, technologies could be developed to take better advantage of the stolen prints.

See also:

FCW

CNN
