These days, it feels like no one is safe from hackers, fraudsters and identity thieves, including the U.S. government. In fact, political motives can make the government a bigger target than businesses or individuals. A 2014 report showed nearly cyber 61,000 cyber attacks and security breaches across the federal government. Here’s a look at some recent examples and what they mean.
FBI: February 2016
In February, hackers published contact information for 20,000 FBI employees. This came a day after posting names, titles, phone numbers and email addresses for 10,000 Department of Homeland Security employees. Tweeting under the handle @DotGovs, the hackers said they obtained the information by hacking a Department of Justice database. After the details were leaked, hackers made clear their motivations: “FBI and DHS info is dropped and that’s all we came to do, so now its time to go, bye folks! #FreePalestine.” “When will the US government realize we won’t stop until they cut relations with Israel.” An FBI spokesman told CNN sensitive personnel information, including Social Security numbers, was not compromised. “The department takes this very seriously and is continuing to deploy protection and defensive measures to safeguard information,” spokesman Peter Carr told CNN. “Any activity that is determined to be criminal in nature will be referred to law enforcement for investigation."
Office of Personnel Management: June 2015
Two breaches last summer exposed the personnel records and sensitive information of at least 22.1 million people, including federal employees, contractors and their friends and families. U.S. officials pointed to the Chinese government. In September, the Defense Department awarded Identity Theft Guard Solutions LLC a $133 million contract to monitor the hacked data and provide identity protection services to those affected. “It is a very big deal from a national security perspective and from a counterintelligence perspective,” FBI Director James B. Comey told reporters. “It’s a treasure trove of information about everybody who has worked for, tried to work for, or works for the United States government.” Hackers accessed an Office of Personnel Management database containing in-depth security clearance files dating back to 2000 for 21.5 million people. About 4.2 million people were impacted by a separate database intrusion that exposed personnel records, which included Social Security numbers, job assignments and performance evaluations. Of those affected by the OPM background-check breach, 19.7 had applied for security clearance. The remaining 1.8 million were spouses, family members and others who had not applied for clearance. Intruders also accessed 5.6 million sets of fingerprints (up from an earlier estimate of 1.1 million), financial and health records, and computer usernames and passwords.
Juniper Networks: December 2015
U.S. officials said hackers may have had access to encrypted government communications for 3 years following a breach of computer network company Juniper Networks. FBI investigators said hackers who compromised Juniper’s equipment could use that access to access any company or government agency that used it. One official told CNN the breach was akin to “stealing a master key to get into any government building.” In January, the U.S. government began investigation of “unauthorized code” used in Juniper’s firewall software to determine whether it was planted by the NSA.
