Tuesday, June 16, 2015

Sino Cyber Attack

The scale of a massive cyber-attack on America’s governmental infrastructure that was revealed last week is still coming to light.

As is the case with virtually all preemptive strikes, hackers believed to be linked to the People’s Republic of China have executed an attack so comprehensive and sophisticated that it could only have one aim: the preventative neutering of America’s defensive capabilities. Along with others, I dubbed this the nation’s cyber-Pearl Harbor last week, and that characterization looks only more apt today. In concert with the debilitating effect of Edward Snowden’s revelations while in Russian custody, this attack may seriously hinder America’s ability to secure and respond to more conventional threats to its interests.

A little more than one year ago, the Department of Justice revealed that it had charged five members of the Chinese military’s Unit 61398, an economic cyber-espionage unit, with engaging in criminal activity. They had been accused of being part of a ring of cyber spies that had executed a variety of attacks and surveillance missions targeting U.S. commercial firms and interests. Apparently, around that same period, China executed the largest-scale cyber-attack on an American governmental target in history. That’s right: The strike that exposed the personal data of all of the approximately 2.7 million federal employees in the Office of Personnel Management’s systems to People’s Liberation Army hackers went virtually unnoticed for over a year. The scale of the damage done to American information security was not discovered by federal investigators but rather by a private software development firm that uncovered the breach during a routine product demonstration.

This staggering incompetence is eclipsed only by the extent of the damage done to American national security.

The hack exposed the SF-86 background files of virtually every governmental employee; those 127-page forms include all of the applicant’s personal information, as well as the details of their relations, friends, current and former professional contacts, and even old college roommates. “U.S. officials speaking on the condition of anonymity say unequivocally such information was put at serious risk by the OPM hack. Of utmost concern are U.S. employees stationed overseas, including in countries such as China, whose government would covet personal information on relatives and contacts of American officials living in the communist country, according to officials,” read an ABC News report.

“We believe that hackers have every affected person’s Social Security number(s), military records and veterans’ status information, address, birth date, job and pay history, health insurance, life insurance, and pension information; age, gender, race, union status, and more,” a scathing letter from the president of the American Federation of Government Employees warned. “Worst, we believe that Social Security numbers were not encrypted, a cybersecurity failure that is absolutely indefensible and outrageous.”

But the potential personal information exposed pales in comparison to the information about America’s governmental apparatus that was revealed to Chinese hackers. “In classified briefings to members of Congress in recent days, intelligence officials have described what appears to be a systematic Chinese effort to build a database that explains the inner workings of the United States Government,” the New York Times reported. “They are likely to be particularly interested in the contacts of Energy Department officials who work on nuclear weapons or nuclear intelligence, Commerce Department or trade officials working on delicate issues like negotiations over the Trans-Pacific Partnership, and, of course, White House officials.”

That’s comforting.

This information could be a coup for Chinese counterintelligence operatives, but it will also be a boon to the PLA’s offensive cyber-espionage operation planners. Not only can the Chinese identify federal officials in positions of authority, they are almost certainly in a better position to isolate those who have weaknesses or might be compromised. Those targets could be amenable to cooperating with Beijing. Former NSA intelligence analyst John Schindler observed that the People’s Republic tends to rely heavily on ethnic Chinese for intelligence-related purposes, and it now has a list of potentially hundreds of thousands of viable targets in or close to those in positions of authority within the United States.

“The modus operandi of Chinese intelligence and its operations abroad are understood by the FBI and the Intelligence Community. However, the extent of the information loss in the OPM hack is so vast that all the counterintelligence awareness in the world may not be able to offset the advantage in the SpyWar that Beijing has won with this vast data theft,” Schindler wrote. “If you are (or have been) employed with the Federal government and have listed Chinese persons in any way on your SF86, it’s time to be vigilant.”

When the Zeros screamed out of the sky over Hawaii in 1941, their targets were America’s offensive naval assets in the Pacific. But for a stroke of luck that kept America’s Pacific carriers out of the harbor, Japan might have successfully neutered America’s ability to defend its interests. Similarly, China’s effort to level the playing field with the United States is as brazen as it is troubling. Those professorial voices of mock prudence that only months ago warned, “we are not likely to see large scale cyber-attacks happen outside actual wars” have unfortunately been proven utterly wrong. While cyber strikes are certain to occur amid great power conflicts, it is clear that they can also be a prelude to one.