(Chinese computer experts at work. Image from China Defense Mashup).
Sorry- I can’t quite seem to let this thing go about the Chinese gaining access to my government security files. I tossed and turned in the night, and had a dream in which a laser dot was playing around on my chest, and I did not know who was doing the targeting.
Paranoid? Well, they say you only are if in fact they are not out to get you.
There is some seriously crazy stuff going on. I have not got my letter from the contractor fronting for OPM about the data breach. I looked for it in the mailbox yesterday- of course they are sending the letters out in snail-mail- but so far nothing. The people in charge of these things are being quite vague.
There seem to be ominous portents abroad in the land, and I don’t know what they mean.
For example, at 0648 this morning, all three of the phone lines in my apartment rang simultaneously. That included the land-line that came with the Verizon FiOS bundle (that I don’t use- too many solicitation calls) and the Blackberry only used for conference calls, and my cell phone, which is my primary connection to the world.
Simultaneously . Really weird. Figure the odds of that, I wondered. I was not quick enough- or smart enough- to not click on the cell phone, but I did not speak. I was just puzzled at the phenomenon when it occurred, and then I realized it was undoubtedly a robo call of some kind- but why at the same time?
Then I felt a chill. Of course- some database was being pulsed and it contained all my numbers- including ones that are almost never used.
That would suggest that the data is now in multiple hands; since the folks in Peking wouldn’t be pulsing the whole data load, but there are a lot of other folks on the dark web who would.
So, where has all this data gone — who else now has it?
If there was ever a case demonstrating the inability of Government to stay ahead of commercial technology- also used by the hacking community- this is it. Consider how long this has been going on:
Jul . 2014: OPM investigates a breach of its computer networks dating back to March 2014. It assures employees “no personal data appears to have been stolen.”
Aug. 2014: A company providing background checks for DHS is hacked, compromising 30,000 DHS employees though an exploit on an enterprise management software product from SAP.
Nov . 2014: OPM’s Inspector General finds “significant” deficiencies in the department’s IT security.
Dec. 2014 : OPM vows to notify 48,439 federal workers that their information may have been exposed in an attack conducted on a subcontractor to the company hacked in August.
Feb. 2015: Health insurance giant Anthem is hacked nearly 80 million customers.
Mar. 2015: Former Secretary of State Clinton deletes information on the private server at her home in New York. Cyber security experts indicate the server may have been vulnerable to Chinese and Russian hackers while she used the system for official government business.
May 2015: Premera Blue Cross discloses a breach affecting 11 million customers. The incident exposes clinical medical information in addition to personally identifiable information.
May 2015: Carefirst Blue Cross discloses breach impacting 1.1 million customers. Forensic examination indicates the same exploit used in the Anthem and Premara breaches is used.
May 2015: The IRS reveals that tax returns for 110,000 taxpayers were compromised.
Jun . 2015: OPM discloses breach affecting up to 4 million federal employees. Follow-up reports indicate that the breach may extend well beyond federal employees to individuals who applied for security clearances with the federal government, bringing the total to more than 14 million government employees and contractors.
The help from the Government has been to offer credit monitoring for periods ranging between 18 months and two years. After that we are all on our own. To my knowledge, no one has been fired or formally reprimanded for putting us all at significant risk of ruin.
My math is a little rusty- but if there are around 305 million Americans, and according to the Organization for Economic Co-operation and Development (OECD) , 67.4 percent of us are between the ages of 16 and 64. That means that there are 205.4 million working age citizens.
Adding up the number of people compromised in the breaches, a little more than 106 million records- more than half of all American working people- have had the details of their lives shipped off to Guangdong Province. That may also include all the official email used by the US Secretary of State.
There is a fair amount of coverage of the story, but it is muted. Too hard to understand? There are no stunning videos, chanting marchers or anything really sexy to display, and the stories have been relatively low key. But this is the story of the century so far.
Where is the outrage? Why has no one been fired? Why have we not done something? This is an act of war, my friends.
With the continuing revelations of gross digital incompetence, I am getting the creeps. Do you get the feeling that most of us are walking around with digital crosshairs glowing on our backs.
I don’t know about you, but I am not sure 18 months of credit monitoring for those of us who were betrayed is an adequate response. I really liked the suggestion that a smoking kinetic hole might be a way to start.
(Cartoon from the Economist, drawn by Guido Munoz).
Copyright 2015 Vic Socotra
www.vicsocotra.com
Twitter: @jayare303