06.24.15

The ‘Keys To The Kingdom’ Stolen

Cyber Breach At OPM Exposes ‘The Personal Data Of An Estimated 18 Million Current, Former And Prospective Federal Employees’

 

SEN. RON JOHNSON (R-WI): “It is disturbing to learn that hackers could have sensitive personal information on a huge number of current and former federal employees — and, if media reports are correct, that information could be in the hands of China. It is even more troubling that this is only the latest in a series of cyberattacks on the Office of Personnel Management (OPM). … Plainly, it must do a better job, especially given the sensitive nature of the information it holds.” (Sen. Johnson, Press Release, 6/4/15)

  • JOHNSON: “The Obama administration must better protect the data that Americans entrust to it… The administration must immediately implement better protection for all data it keeps. It must determine who did this and exactly what was stolen. And it must conduct a swift and proper response against the perpetrators.” (“Johnson Wades Into OPM Hacking Probe,” Wisconsin Politics, 6/23/15)

SEN. JOHN BOOZMAN (R-AR): “The massive breach of OPM systems may have been the most devastating cyber-attack in our nation’s history. … The American people have lost faith in their institutions. The last thing they will do is trust Washington to solve a problem when it can't even protect the personal information of those it employs. There needs to be a dramatic change in the status quo.” (Sen. Boozman, Press Release, 6/23/15)

‘An Absolute Calamity’ -- ‘The Personal Data Of An Estimated 18 Million … Were Affected By A Cyber Breach At The Office Of Personnel Management’

“The personal data of an estimated 18 million current, former and prospective federal employees were affected by a cyber breach at the Office of Personnel Management - more than four times the 4.2 million the agency has publicly acknowledged. The number is expected to grow, according to U.S. officials briefed on the investigation.” (“First On CNN: U.S. Data Hack May Be 4 Times Larger Than The Government Originally Said,” CNN, 6/23/15)

“It all started with an initial intrusion into OPM's systems more than a year ago, and after gaining that initial access the hackers were able to work their way through four different ‘segments’ of OPM's systems, according to sources.” (“OPM Hack Far Deeper Than Publicly Acknowledged, Went Undetected For More Than A Year, Sources Say,” ABC News, 6/11/15)

“U.S. investigators believe the Chinese government is behind the cyber intrusion, which are considered the worst ever against the U.S. government.” (“First On CNN: U.S. Data Hack May Be 4 Times Larger Than The Government Originally Said,” CNN, 6/23/15)

“Given the scale of the breach as publicly disclosed by the Obama administration and OPM, it's likely that the hackers obtained the SF-86 data of every military member who filled out the form on a computer, something that has been standard practice in Defense Department for well over a decade, said a retired senior intelligence community official who writes a blog under the pen name Victor Socotra.” (“Military Clearance OPM Data Breach 'Absolute Calamity'” Navy Times, 6/17/15)

“‘They got everyone's SF-86,’ one Pentagon official familiar with the investigation told Military Times.” (“Military Clearance OPM Data Breach 'Absolute Calamity'” Navy Times, 6/17/15)

JOHN SCHINDLER, Former NSA Official: “…OPM has sort of slow-rolled how bad this really is. And what has been compromised includes security clearance information, background investigation information for millions of past and present employees across the U.S. government, including the Pentagon and the intelligence community. This is really, really bad.” (“Ex-NSA Officer: OPM Hack Is Serious Breach Of Worker Trust,” NPR, 6/13/15)

  • SCHINDLER: “Whoever has OPM’s records knows an astonishing amount about millions of federal workers, members of the military, and security clearance holders. They can now target those Americans for recruitment or influence. After all, they know their vices, every last one—the gambling habit, the inability to pay bills on time, the spats with former spouses, the taste for something sexual on the side—since all that is recorded in security clearance paperwork. … Speaking as a former counterintelligence officer, it really doesn’t get much worse than this.” (“China’s Spies Hit The Blackmail Jackpot With Data On 4 Million Federal Workers,” The Daily Beast, 6/11/15)

Administration Was Warned OPM System A ‘Chinese Hacker’s Dream,’ Yet Did Nothing

SEC. OF DEFENSE LEON PANETTA: “…we know that foreign cyber actors are probing America's critical infrastructure networks. … The collective result of these kinds of attacks could be a cyber Pearl Harbor.” (Sec. Panetta, Remarks, New York, NY, 10/11/12)

  • ‘The inspector general at the Office of Personnel Management… issued a report in November that essentially described the agency’s computer security system as a Chinese hacker’s dream’ “The inspector general at the Office of Personnel Management, which keeps the records and security clearance information for millions of current and retired federal employees, issued a report in November that essentially described the agency’s computer security system as a Chinese hacker’s dream. … A number of administration officials on Friday painted a picture of a government office struggling to catch up, with the Chinese ahead of them at every step.” (“U.S. Was Warned Of System Open To Cyberattacks,” The New York Times, 6/5/15)

 

‘The Pearl Harbor Of The First Cyber War,’ ‘A Cyber 9/11’

WALL STREET JOURNAL: “If you thought Edward Snowden damaged U.S. security, evidence is building that the hack of federal Office of Personnel Management (OPM) files may be even worse.” (Editorial, “Obama’s Cyber Meltdown,” The Wall Street Journal, 6/25/15)

COMMENTARY MAGAZINE: “As is the case with virtually all preemptive strikes, hackers believed to be linked to the People’s Republic of China have executed an attack so comprehensive and sophisticated that it could only have one aim: the preventative neutering of America’s defensive capabilities. Along with others, I dubbed this the nation’s cyber-Pearl Harbor last week, and that characterization looks only more apt today. This staggering incompetence is eclipsed only by the extent of the damage done to American national security.” (“The Terrible Scale of the Chinese Cyber-Pearl Harbor Attack,” Commentary Magazine, 6/12/15)

BREITBART: “…we learn the Obama administration lied furiously to cover up the extent of the damage and its own ineptitude. This attack was absolutely catastrophic. Those who describe it as the Pearl Harbor of the First Cyber War are not far off the mark. And it is very clear President Obama and his hapless crew have no idea what to do about it.” (“Cyber War Pearl Harbor: Obama Administration’s Excuses And Lies About OPM Hack Melt Away,” Breitbart, 6/13/15)

 

Part Of A Pattern: ‘The Federal Government … Has For Years Failed To Take Basic Steps To Protect Its Data From Hackers And Thieves’

‘The federal government … has for years failed to take basic steps to protect its data from hackers and thieves’ “Passwords written down on desks. Outdated anti-virus software. ‘Perceived ineptitude’ in information technology departments. The federal government, which holds secrets and sensitive information ranging from nuclear blueprints to the tax returns of hundreds of millions of Americans, has for years failed to take basic steps to protect its data from hackers and thieves, records show.” (“Federal Agencies Are Wide Open To Hackers, Cyberspies,” AP, 6/23/15)

  • “The security lapses have persisted even as cyberattacks on government networks have increased. The federal government dealt with 67,196 cyber incidents in the last fiscal year, up from 57,971 incidents the year before, according to the White House report card, which was published in February.” (“Federal Agencies Are Wide Open To Hackers, Cyberspies,” AP, 6/23/15)
  • “Last year, the Senate Homeland Security and Government Oversight Committee published a scathing report chronicling the sorry state of federal computer defenses. ‘Data on the nation's weakest dams, including those which could kill Americans if they failed, were stolen by a malicious intruder. Nuclear plants' confidential cybersecurity plans have been left unprotected. Blueprints for the technology undergirding the New York Stock Exchange were exposed to hackers,’ the report began. All of that was due to government lapses, the report said. In many cases, the negligence was incredibly basic.” (“Federal Agencies Are Wide Open To Hackers, Cyberspies,” AP, 6/23/15)
  • ‘The departments of Treasury, Transportation, State and Health and Human Services have significantly worse records’ than OPM. “…the Office of Personnel Management is under fire for allowing its databases to be plundered by suspected Chinese cyberspies in what is being called one of the worst breaches in U.S. history. ... But the departments of Treasury, Transportation, State and Health and Human Services have significantly worse records, according to the most recent administration report to Congress under the Federal Information Security Management Act. Each of those agencies has been hacked in the last few years.” (“Federal Agencies Are Wide Open To Hackers, Cyberspies,” AP, 6/23/15)

 

###
SENATE REPUBLICAN COMMUNICATIONS CENTER