Daily Bulletin

The Conversation

  • Written by The Conversation
imageMore than just a cyber "whodunnit." Lee Jae Won/Reuters

In the ever-escalating compendium of cyber incidents and intrusions, an enormous US government breach – perhaps the largest ever – came to light last week with news of a federal hack affecting “nearly every government agency.”

This incident, which exploited a zero-day vulnerability (a flaw in software unknown to the public), exposed and puts at risk the personal information of four million federal employees. Keep in mind, the Wall Street Journal has pointed out, that there are only 4.2 million federal workers in total.

Details of the breach are still emerging, but the hack has been traced to China – although it is not yet clear whether or to what extent the government of China was involved.

However, military officers in China are increasingly known to moonlight as cybersecurity consultants and hackers for hire when off the clock. At the same time, as a matter of strategy, countries are increasingly turning to proxies to do their bidding in order to provide plausible deniability in the event they get caught with their hands in the cookie jar.

First reports are not always accurate, though, and the wisest course is to permit the investigation and the forensics to play out. Further, even if attribution in the fullest sense of the term is established, that will not necessarily elucidate intent.

Was the hack state-sponsored or supported, or did the Chinese government simply turn a blind eye and allow the attack to occur?

Even if state involvement is ultimately not proven, the question of whether and to what extent the information finds its way into the hands of the Chinese security services will remain unresolved.

Intelligence trove

What is known is that the perpetrators are the same as those in the breach of health insurers Anthem and Premera Blue Cross, which affected 11 million and 80-plus million individuals respectively, according to the New York Times.

Of particular interest in the current case is whether sensitive data including social security numbers were encrypted.

Undoubtedly there will be plenty of time spent examining whether this data theft was the result of sub-par government practices. In this regard, it is not as if another wakeup call was needed. This was, after all, the fourth hack of US government employee information since March 2014.

imageEdgar Su/Reuters

On the other hand, US government officials are saying that ever-more breaches will come to light moving forward, due to increased US detection capabilities. And US authorities are also emphasizing the bright side of the present case, noting that at least the intrusion was detected.

On the perpetrator’s side of the equation, one wonders about the motivation. If in fact a state actor was involved here, it would seem a bit incongruous (at least at first glance) since the type of information pilfered is the sort that would generally be of greater interest to cybercriminals who seek to profit from identity theft.

The apparent inconsistency resolves itself quickly, however, if one conceives of the case as an exercise in espionage and in particular one of profiling – especially individuals holding security clearances.

Amassing personal information, including a diversity of details about medical and financial histories and performance evaluations, for example, could generate a genuine trove for foreign intelligence services and their proxies to use for their own ends in future — ends such as blackmail, spear-phishing and recruitment.

How to react?

To be clear, there is still much that we do not yet know, and it is crucial that hypothetical scenarios not be dressed up as fact.

Having said that, the possibility of a cyberattack with Chinese state involvement is a disconcerting one, and it should not be dismissed at this stage, especially given the value of the information compromised.

The diplomatic aspect of the incident is as fascinating as it is complex. US-China relations in the cyberdomain operate on many different levels and intersect with the broader military, political and economic spheres.

The present case also comes to light just as the Pentagon has released its latest cyberstrategy, with a particular focus on cyberdeterrence, and just as China has released a new military strategy paper that includes special emphasis on the development and use of cybercapabilities.

So where does this leave us? Assuredly with more questions than answers.

For instance on the US government side, irrespective of “whodunit,” one wonders whether the fundamentals of cybersecurity hygiene, such as encrypted social security numbers, were in place at the time of the breach. Such elements are not in the category of rocket science and, in the event that they may have gone unimplemented, it makes the case for greater public-private partnership and cooperation for the purposes of cybersecurity a tougher sell. Demonstrating poor practices at government agencies diminishes the credibility and perceived capability of the public sector as a reliable partner.

Yet the answer cannot be simply to throw up our arms in frustration and to complacently accept the status quo as the new normal. To the contrary, the US can and should make full use of some of the newest instruments of statecraft that it has added to its toolkit, including this April’s Executive Order entitled “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activity,” which opens the doors for levying economic sanctions against cyberperpetrators.

Complementarily, the country should invoke some of the older, more traditional diplomatic means and methods of advancing US interests. This means working through bilateral and multilateral forums to elaborate and articulate international norms and standards of behavior that will apply to all actors.

Litmus test

From a bilateral perspective, perhaps ironically, later this month, from June 22-24, a high-level delegation from China is scheduled to visit Washington, DC, for the annual US-China Strategic and Economic Dialogue. If both sides are genuinely serious about addressing cybersecurity, this would be a timely and appropriate opportunity to demonstrate their commitment by skipping the pomp and circumstance to address the tough issues.

In short, if indeed this massive hack is the work of a criminal enterprise, then this is China’s opportunity to show that it is serious by conducting a joint investigation with the United States and by prosecuting wherever the facts and evidence lead.

Should China be reluctant to proceed in this manner, then the United States should look to its own legal instruments and invoke and apply them.

In that sense, the case is a litmus test for this country’s policies and practices as well.

Frank J Cilluffo is affiliated with the Center for the Study of the Presidency and Congress, the National Consortium for Advanced Policing, Research Assistance Network + Exchange, and Susan Davis International.

Sharon L Cardash does not work for, consult to, own shares in or receive funding from any company or organisation that would benefit from this article, and has no relevant affiliations.

Authors: The Conversation

Read more http://theconversation.com/massive-government-employee-data-theft-further-complicates-us-china-relations-42941

Writers Wanted

Kylie Moore-Gilbert has been released. But will a prisoner swap with Australia encourage more hostage-taking by Iran?


Ancient Earth had a thick, toxic atmosphere like Venus – until it cooled off and became liveable


Not just hot air: turning Sydney's wastewater into green gas could be a climate boon


The Conversation


Prime Minister Interview with Ben Fordham, 2GB

BEN FORDHAM: Scott Morrison, good morning to you.    PRIME MINISTER: Good morning, Ben. How are you?    FORDHAM: Good. How many days have you got to go?   PRIME MINISTER: I've got another we...

Scott Morrison - avatar Scott Morrison

Prime Minister Interview with Kieran Gilbert, Sky News

KIERAN GILBERT: Kieran Gilbert here with you and the Prime Minister joins me. Prime Minister, thanks so much for your time.  PRIME MINISTER: G'day Kieran.  GILBERT: An assumption a vaccine is ...

Daily Bulletin - avatar Daily Bulletin

Did BLM Really Change the US Police Work?

The Black Lives Matter (BLM) movement has proven that the power of the state rests in the hands of the people it governs. Following the death of 46-year-old black American George Floyd in a case of ...

a Guest Writer - avatar a Guest Writer

Business News

Nisbets’ Collab with The Lobby is Showing the Sexy Side of Hospitality Supply

Hospitality supply services might not immediately make you think ‘sexy’. But when a barkeep in a moodily lit bar holds up the perfectly formed juniper gin balloon or catches the light in the edg...

The Atticism - avatar The Atticism

Buy Instagram Followers And Likes Now

Do you like to buy followers on Instagram? Just give a simple Google search on the internet, and there will be an abounding of seeking outcomes full of businesses offering such services. But, th...

News Co - avatar News Co

Cybersecurity data means nothing to business leaders without context

Top business leaders are starting to realise the widespread impact a cyberattack can have on a business. Unfortunately, according to a study by Forrester Consulting commissioned by Tenable, some...

Scott McKinnel, ANZ Country Manager, Tenable - avatar Scott McKinnel, ANZ Country Manager, Tenable

News Co Media Group

Content & Technology Connecting Global Audiences

More Information - Less Opinion