Earlier this year, the United States Office of Personnel Management (OPM) reported that some 4 million current and past government employees might have had their personal information compromised and stolen by Chinese hackers. Government officials believe that the breach actually occurred last year, though it was only discovered some months ago. After the initial discovery, it took several weeks to successfully shut it down, thereby allowing hackers ample time to steal copious amounts of sensitive data.
As part of the remediation process, OPM has contracted with identity theft protection agencies to monitor Social Security numbers and other sensitive information that might have been stolen. Despite their efforts, however, they may not be successful in preventing the Chinese from accomplishing their agenda, whatever it may be. This is because some sensitive information, such as a Social Security number, remains the same throughout an individual’s life. As a result, the criminals can simply wait 4 or 5 years until the dust settles before they attempt to use the information for their own purposes.
What exactly are the hackers looking for?
The recent OPM hack marks the 3rd or 4th major breach of personnel records that originated from China. While some people suspect that the Chinese government is responsible, others believe that individual Chinese nationals are behind the criminal cyber activity. Nevertheless, a pattern is emerging: the Chinese have a clear interest in acquiring data from American citizens, but why?
Inside intelligence circles, speculation has been rife that hackers are trying to acquire enough information to carry out what is known as spear phishing, a more targeted version of phishing that uses confidential and specific information so that email scams appear to come from an individual or business you know. Another theory is that since the Chinese have enough information to blackmail and threaten exploitation, their real aim is to identify which individuals can be successfully recruited as spies.
Why were the Chinese hackers so successful?
Modern cybercriminals are incredibly focused and have a lot of resources available to them. Once they successfully break into a system, they stay hidden and dormant for a period of time. Then, they slowly begin to introduce different elements that compromise the system in order to create multiple access points in case the primary one is shut down. For this reason, while U.S. Government agencies like the OPM are fairly well protected, the vast networks of information, the amount of available data, and the different access points are all very difficult to protect.
Nonetheless, large government agencies are not the only ones being targeted. Small businesses wrongly assume that hackers won’t go after them. However, on the World Wide Web, the process of targeting a business is largely automated in the sense that whenever a critical point of vulnerability is discovered, criminals don’t hesitate to launch an attack.