The news of the OPM breach continues to reappear in our daily news feeds, with the most recent report revealing that more than five million sets of fingerprints have been compromised. Those schooled in the art of human intelligence know that there is no such thing as knowing too much about your potential target for recruitment, and the Chinese are clearly putting this rule of thumb into practice. US private security firm Crowdstrike recently reported in an interview with Fox News that its cybersecurity specialists and analysts have determined that the Chinese are now compiling individual targeting dossiers in the form of a special interest catalog of US government employees, modeled after Facebook, but with far more information than Facebook would have.
While the Crowdstrike executive speaks with a sense of finality – the Chinese will blackmail – the reality is that every individual enjoying the trust and confidence of the US government by virtue of having a security clearance is also being afforded counterintelligence briefings, and the assumption is that all will retain their trustworthy status and report any attempt to use the personal information gleaned from the OPM breach or any of the other breaches which tangentially touch US government employees.
Spoken of at a high level, this may sound rather innocuous, a minor inconvenience. It isn’t. The Crowdstrike folks are correct: it is a big deal, and each individual needs to know that their life’s history, warts and all, may have been laid bare.
The OPM Breach:
OPM reported that more than 21 million US government personnel or contractors (both current and inactive) who had applied for a classified security clearance had their information compromised. According to OPM, in addition to the aforementioned fingerprint records, the SF-86 and background investigation data were acquired through a sophisticated intrusion into its system. Unofficially, this intrusion and the intelligence collection of individuals’ information have been associated with China.
The IRS Scam:
According to Krebs on Security, more than 300,000 individuals had their IRS files purloined directly from the IRS. These files contained the tax returns for the affected individuals.
The Anthem Breach:
According to Anthem: “The information accessed may have included names, dates of birth, Social Security numbers, health care ID numbers, home addresses, email addresses, and employment information, including income data. We have no reason to believe credit card or banking information was compromised, nor is there evidence at this time that medical information such as claims, test results, or diagnostic codes, was targeted or obtained.” Note the careful use of words here – they are not saying individuals’ clinical data was not compromised; they just don’t know at this time. It should also be noted that the federal court judge has selected the lead counsel to represent the myriad of cases filed against Anthem as a direct result of this breach, which affected more than 80 million individuals.
Do the math
If you are sitting in the targeting seat of the Chinese MSS or PLA intelligence organizations, and have information gleaned from these breaches at your disposal, you and the cat who has the canary in the cage have much in common. Therefore the reported existence of the US Government Employee Facebook-like targeting application being created by the Chinese really makes sense. Such an application allows for the collation of the above information collected via the various intrusions into government and insurance entities, and couples it with the information which can be scraped from social networks (Facebook, Twitter, LinkedIn and many more).
When the opportunity presents itself, the skilled human intelligence operative has the ability to frame the most attractive inducement, created specifically for their target of interest. That path will be much more lucrative than the gauche blackmail path, which only results in creating an adversarial relationship, vice the more desirable cooperative relationship. Counterintelligence specialists throughout the defense and intelligence communities will have their hands full ensuring that 100% of those compromised are briefed and trained on handling both the crude and smooth approaches which are surely going to occur downstream.