Saturday, June 6, 2015

Chinese hack leads back to Cold War fears of blackmail in recruiting spies, but the "old chestnuts" are gone


The hack on the personnel records of over four million federal employees seems to originate with the government of China and seems motivated as a strategy for espionage (and not “entourage”).  CNN has a major analysis, several reporters, here and tech reporter Helen Nakishima reports here in the Washington Post. 
  
There is no evidence of the federal employees’ PII winding up among underground black market or Dark Web databases, and that further corroborates the idea that the motive is spying.
   
Speculation, of course, increases that some federal employees with high level clearances could be subject to blackmail.
  
  
It’s a good thing that sexual orientation (the "old chestnut" of Dick Cheney) is no longer a blackmail target for even civilian workers (with clearances, since 1995), or military members (since 2011).  However various kinds of hidden 
   
personal improprieties (like infidelity, or activity with minors) could possibly make someone a target.  So could illegal business deals, “bribery bridge” (a term from Sunday school) or white-collar crime. 
   
It would be ironic if my own PII from when I was a Census employee (2010-2011) could be included, but that’s unlikely.

Federal computer systems, outside DOD, the FBI and intelligence agencies (like the NSA and CIA) seem to be less secure than most large commercial systems (banks, and tech companies like Google and Facebook).  They may be less secure (and less current with security updates) than the systems of some sophisticated small businesses and home users. Aviation and transportation may be particularly vulnerable.

Update: June 12

PII for practically all federal employees and many contractors with security clearances was compromised. This might even include some who have left the government (I worked for Census part time as an interviewer in 2010 and 2011).  

No comments: