Every day our country comes under attack. No, I’m not talking about terrorist attacks, I’m talking about cyber-attacks. Hacking, which used to be the domain of geeks hiding in their bedrooms and eating Twinkies, has hit the big time. While there are still plenty of hackers out there doing it for personal gain, especially those who practice identify theft, governments are now hiring hackers to break into other counties’ databases.
China is the world leader for this. They actually have a branch of their Army dedicated to cyber-warfare. There, professional hackers try to find their way into databases and systems, disrupting our government’s ability to do business, finding ways of taking control of our military hardware, shutting down our power grid and stealing information that they can use.
While China isn’t the only country which has developed its hacker community into a resource, they are the world’s recognized leaders. They have put the most effort into militarizing hacking, whereas other countries have used hacking for purely financial gain.
Râmnicu Vâleca, in Romania is so famous for hacking, that it is better known by the world’s law enforcement’s name for it, Hackerville. There, thousands of hackers ply their trade, which is cybercrime; fraud over the internet. These hackers are the more conventional kind; those that are in it for money.
But what happened to the federal government’s Office of Professional Management (OPM) wasn’t about money; it was about secrets. It was about finding out about people working for the government and their families. Ultimately, it could have been about blackmail on an unprecedented scale. With the information stolen, any government in the world could seek out people in high office who are susceptible to persuasion, either to save the lives of their family or to save themselves from embarrassing revelations.
The OPM data breach is by far the largest breach of government data that has taken place, to date. Original estimates put the number of victims at about 4 million. But more recent investigative work puts the actual number at about 18 million. There’s even a possibility that information was stolen about all 32 million of the federal employees in the database.
Most troubling was the theft of the SF-86 forms, a 127 page form that is used for conducting background checks before issuing a top secret security clearance. That form has more information about most people’s lives and families than they know themselves.
This was no fishing expedition, looking to see what they could find; this was a highly directed attack, seeking out specific information for exploitation. The data stolen will be useful for the next 30 years, as some of those government employees rise to positions of power and importance. Having a hook to control them with gives any government a strong lever to use against the United States and her interests.
What that means is that the security of the United States has been severely compromised for the next 30 years or so. Depending on who uses that information and how far they are willing to go, there is the potential of compromising just about every government worker, at every level, who holds a security clearance. This includes everyone from the military, to the CIA to the Secret Service.
The most likely culprit of this attack is China. While that would be virtually impossible to prove, they are the ones most capable of fomenting this attack. There is also considerable evidence to show that they have been actively working to pierce our security and get into government computers at all levels. While China does an enormous amount of business with the United States, we should not allow ourselves to be fooled into thinking that they are friends. No, as the largest communist country in the world, they are anything but friends.
We may never know the full impact of this data theft. Much of the data could be used in secret, bending people to the Chinese government’s will, without it ever coming to light. Decisions made at the State Department or the Department of Commerce, which favor China could be simple decisions or they could be motivated by data that has been stolen. There’s no way to tell.
But there’s another aspect of this which is even more troubling. This massive security breach shows just how vulnerable the United States government is to hacking. The Form 86s that were stolen were so sensitive that they should have been guarded like the gold in Fort Knox. Yet, that security was penetrated and the data was stolen. If that can happen to data that is as sensitive as those records, what does that mean for the rest of the government’s data?
Could China use their ability to hack into our systems to take control of military weapons? Supposedly, they already have. I’ve heard rumors of hackers wresting control of drones from military operators. What would happen if they did that during a conflict? Or, even worse, what if they took control of our nukes?
Military hardware isn’t the only thing that has been targeted by these hackers; they have taken a special interest in our power grid, including the nuclear power plants. If they can actually do that, shutting down the grid would be the least dangerous option that they could do. There’s also the possibility of removing safeguards and creating an out-of-control nuclear reaction.
Looks to me like it’s time for the U.S. Government to play catch up… before it’s too late. If you feel like you could be a victim of the data breach please revisit your copy of the Patriot Privacy Kit. Make sure you are implementing all the necessary steps for privacy. You can also visit this page for a summary of what to do: https://www.consumer.ftc.gov/blog/opm-data-breach-what-should-you-do
Here are some other helpful tips:
- Make sure you are using every available security measure at your bank. Many banks now allow you to set up a master password that is to be used for any unusual transactions like wires, ACH transfers, and large withdrawals. The bank would then call you for the password before any of these transactions could take place.
- Place a credit freeze with the major credit agencies. More on how to do this here: https://www.consumer.ftc.gov/articles/0497-credit-freeze-faqs
- Be diligent. Did you get a weird credit card in the mail that you never applied for? Are you getting mail for someone else routinely to your address? Are there very small but unusual charges on your bank or credit card statements? All of these could be clues that your identity has been stolen.
While none of this gives me a warm, fuzzy feeling, it does show me that what we do as survivalists and privacy-minded folks is important. We never know where the next potential attack is coming from or how serious it will be. But we have seen that it can be huge. The next major attack may be about much more than just stealing information; it could be about shutting our country down.
That gives me plenty of reason to want to keep my powder dry and my survival equipment close at hand. What about you?
Chris and The Patriot Privacy Team
Leave us a comment with your thoughts…