Public sector competence and the sighting of unicorns – hacking edition

Following the hacking story from the US is beyond incredible. I mean really, who would have thought that the IRS story, sickening and disgusting as it is, could be superseded. Hackers (i.e. the Chinese) have the records of every single American public service employee, right down to their applications to work in the foreign service, where they are asked to list any possible issues in their lives that others could use to blackmail them. But who has to hack when they are building the system themselves. Here’s the latest: Encryption “would not have helped” at OPM, says DHS official

But even if the systems had been encrypted, it likely wouldn’t have mattered. Department of Homeland Security Assistant Secretary for Cybersecurity Dr. Andy Ozment testified that encryption would “not have helped in this case” because the attackers had gained valid user credentials to the systems that they attacked—likely through social engineering. And because of the lack of multifactor authentication on these systems, the attackers would have been able to use those credentials at will to access systems from within and potentially even from outside the network. . . .

Some of the contractors that have helped OPM with managing internal data have had security issues of their own—including potentially giving foreign governments direct access to data long before the recent reported breaches. A consultant who did some work with a company contracted by OPM to manage personnel records for a number of agencies told Ars that he found the Unix systems administrator for the project “was in Argentina and his co-worker was physically located in the [People’s Republic of China]. Both had direct access to every row of data in every database: they were root. Another team that worked with these databases had at its head two team members with PRC passports. I know that because I challenged them personally and revoked their privileges. From my perspective, OPM compromised this information more than three years ago and my take on the current breach is ‘so what’s new?'”

They’re incompetent, you can’t trust them and they are socialists. What’s left to go wrong from here?

This entry was posted in American politics. Bookmark the permalink.

12 Responses to Public sector competence and the sighting of unicorns – hacking edition

  1. Token

    If the Chinese have the records, so does the NSA. Same goes with access to the Clinton server.

    When do you think that Congress will put the NSA head under oath asking for access? My bet is a few weeks after she has a lock on the nomination, with Bernie Sanders as the alternatve, and before she has chosen a vice president.

  2. Mayan

    This is something to keep in mind when reading about the implementation of electronic medical records. Apparently, the government has decided that people will be able to opt out of this scheme, which is what I shall do.

    Doctors who keep their records on paper might find themselves becoming quite popular.

  3. incoherent rambler

    Methinks people, including the MSM elite and the DoD administration do not understand the implications of this event.

  4. Alexis

    Doctors who keep their records on paper might find themselves becoming quite popular

    Public hospitals are converting to digital now and private hospitals arent far off. You wont have that option soon.

  5. thefrollickingmole

    But dont worry the Feds have top men working on the security of the Obamacare records…

  6. strange

    “and they are socialists.” Says who?

  7. Roger

    And notice how all the bureaucrats running this farce are still in their positions, still pulling enormous salaries. FIFA officials are amateurs compared with them.

  8. Ant

    The left have an extremely high tolerance for incompetence when it’s their side doing it. By contrast, conservatives tend to damn it full stop.

    One of my American work colleagues is working himself up into a lather over a Hillary presidency.

    Or a Martin O’Malley presidency.

    Or a Liz Warren presidency.

    Or – wait for it – a Bernie Sanders presidency – a self proclaimed socialist/communist.

    It doesn’t matter who – or what – as long as it swings hard left, and they’ll follow like little puppies chasing a schmacko tied to a string. Look at their slobbering over Obama, FFS!!!

    On the other hand, I find I’m rather sick in my gut at the idea of either Jeb Bush, Lindsay Graham, Chris Christie and any other RINO, or even Marco Rubio or Rand Paul at this stage. And I’m not even American!

    Trump is a clown, Carson a loose cannon, and the others seem to be cannon fodder except for Cruz and Walker.

    Dream ticket at this moment would have to be: Cruz / Fiorina.

  9. Des Deskperson

    Here’s Katherine Archuleta’s CV:

    “Director Archuleta began her career in public service as a teacher in the Denver public school system. She left teaching to work as an aide to Denver Mayor Federico Peña. When Mayor Peña became Secretary of Transportation during the Clinton Administration, Archuleta continued her public service as his Chief of Staff. Later, Peña was appointed to head the Department of Energy and Archuleta served as a Senior Policy Advisor in the Office of the Secretary.

    After the Clinton Administration, she went back to local government and became a Senior Policy Advisor to Denver Mayor John Hickenlooper.

    Archuleta spent the first two years of the Obama Administration serving as the Chief of Staff at the Department of Labor to Secretary Hilda Solis.”

    Another ‘connected’ ex-schoolteacher. All you need to know.

  10. Tel

    … gained valid user credentials to the systems … able to use those credentials at will to access systems …

    Gosh, you don’t think anyone might have thought of the idea that one user is unlikely to download a million records during a normal day’s work?

  11. J.H.

    Who knows the games that Spooks play anymore….. They probably built a system that was designed to be compromised so that they could get as many double agents and misinformation threads into the Chinese spy networks as possible….. When something is too good to be true. It usually is.

    In an open society, information overload is a better bet than secrecy, because secrets are impossible to keep. In a brightly lit room, a shadowy corner invites scrutiny.

    …. But maybe I’ve read to much John Le Carre . 😉

  12. Paridell

    Through social engineering? Please explain.

Comments are closed.