In another article from yesterday, we did indeed find out SF-86s were compromised… every one of them.
In addition, point number one explaining the networks of 23 gas pipeline companies having crucial information stolen which could lead to serious sabotage and disruptions in America’s critical infrastructure is alarming. This is what military experts would also consider groundwork for military operations, as the article puts it, and why random pipeline explosions and refinery fires in critical areas of the infrastructure need to be looked at with deeper scrutiny and discernment.
These incidents are eerily coincidental to events leading up to Spetsnaz’s First World War.
In 2013 we were notified by Russian Chief of the General Staff Valery Gerasimov that they were activated and ready for combat. Target marking, sabotage operations and elimination of enemy commanders were on the list of duties.
It’s not a game anymore. The sword is coming.
Part of the reason I am a bit blasé about the Office of Personnel Management hack, is if the Chinese government is indeed behind it, it’s not by any stretch the most dastardly thing they have done in cyberspace. It’s just the most recent one that we know about. It’s getting a lot of press because personally identifiable information (PII) was compromised.
This breach has crossed streams with a breach a year ago that did involve investigative files. David Sanger and Julie Hirschfeld Davis at the New York Times do a good job of untangling these two incidents in their recent article. It takes some close reading to understand that the headline, “Hackers May Have Obtained Names of Chinese With Ties to U.S. Government”, isn’t about this incident but the hack of an OPM contractor a year ago.
So, based on what we know now, this incident is a big loss of PII but it’s not that big a loss of information of intelligence value. We may find out later that the hackers also got their hands on the SF-86s—the forms you fill out when you apply for a security clearance. I am fully confident that if the investigation uncovers those losses, there will be a second statement from OPM and an offer for credit monitoring for contractors and family members.
To put all of this in perspective, here are five Chinese hacks that are worse than the breach at OPM based on a list of significant cyber incidents compiled by the Center for Strategic and International Studies:
- February 2013. DHS says that between December 2011 and June 2012, cyber criminals targeted twenty-three gas pipeline companies and stole information that could be used for sabotage purposes. Forensic data suggests the probes originated in China. Why it’s worse: Espionage is one thing, sabotage is another. This incident crosses into what might be called “preparation of the battlefield”—laying the groundwork for military operations. In this incident, the hackers targeted an entire sector. They weren’t going after business data or stealing designs. The worst you can do with PII? Gain account access. The worst you can do with this info? Blow up pipelines.
- February 2012. Media reports say that Chinese hackers stole classified information about the technologies onboard F-35 Joint Strike Fighters.Why it’s worse: Under current norms, military technology is fair game but this one is devastating if true. The hack targeted classified information on one of our most advanced weapons platforms. The info could save the Chinese decades in research and development. Worse, it could be used to find vulnerabilities that could be exploited in combat—think the pilot episode of Battlestar Gallactica.
Full article: 5 Chinese Cyber Attacks That Might Be Even Worse Than the OPM Hack (Defense One)