— by Polydamas
Living in the fifth century, B.C., Lucius Quinctius Cincinnatus was a former Roman statesman and soldier who had retired from public life to his modest farm. When Rome was threatened with imminent defeat by the Aequi and the Sabines, the Roman Senate authorized the appointment of a dictator, a military commander who would be given absolute powers for a limited term until the national emergency was over. Cincinnatus was appointed dictator and then led the Roman infantry to a quick victory over the Aequi. After his victory, and, at the height of his popularity, Cincinnatus immediately resigned his dictatorship and quietly returned to his modest farm. Cincinnatus’ acquisition of and his immediate surrender of absolute, dictatorial power became legend.
Centuries later, General George Washington was also called Cincinnatus by his admirers after he led the Continental Army to victory in the Revolutionary War and then retired to his farm in Mount Vernon, Virginia. Washington rejected Alexander Hamilton’s entreaties to be the United States’ first monarch.
History does not have many examples of men like Cincinnatus and George Washington after him who willingly relinquished absolute dictatorial power. The overwhelming number of dictators held on to their powers until parted from them by death, either violent or of old age. The lure and trappings of power are simply too great a temptation to most mortals.
The lesson and personal example of Cincinnatus must be revisited to address the greatest intelligence crisis and disaster that has befallen the United States in its 239 years of existence. In what can only be described as an audacious intelligence and military coup de grace, Chinese hackers associated with the Chinese military managed to hack into the electronic records of the federal government and to extract from them the most minute details of the lives of American federal employees.
The treasure trove of information purloined by the Chinese hackers includes extremely personal data about federal employees, including invasive employment, family, and medical records, but also crimes, misdemeanors, infidelities, indiscretions, addictions, and sexual fetishes and peccadilloes. The likelihood of these federal employees being compromised and subjected to blackmail by foreign powers is extremely high and portends an unmitigated disaster.
The articles quoted below by Law Professor Glenn Harlan Reynolds (http://tinyurl.com/o9qldyx), by John Schindler (http://tinyurl.com/qhmkbcz and http://tinyurl.com/ntaan4r), and by Shane Harris (http://tinyurl.com/p5on5) masterfully explain the magnitude of America’s resounding defeat in the first decisive cyber world war of the 21st century. Unfortunately, Messrs. Reynolds, Schindler, and Harris do not propose — at least not publicly — any solutions.
We here at The Cassandra Times believe that there is only one workable solution. It is a difficult and costly solution, but it is America’s only chance. China has swiftly and decisively succeeded in decapitating the federal government and its bureaucracy. The American people will not be able to rest again with the knowledge that over two million active federal employees (four million active and retired federal employees) and as many as 20 million individuals, which include private contractors, with access to vast federal powers have been compromised and the overwhelming likelihood that they are no longer pursuing America’s own interests, but, are, instead, being blackmailed into doing the bidding of foreign powers.
The only workable solution is to follow the example of Cincinnatus and implement the immediate retirement with full benefits of all existing federal employees, and any affiliated private contractors who filled out Standard Form 86. They should all be relocated in America’s countryside, far away from Washington, D.C. and from their former positions of power, responsibility, and authority. They should be replaced by state employees from the 50 states who possess the closest experience and skill levels who have never filled out Standard Form 86.
We here at The Cassandra Times fully recognize that there will be gargantuan gaps in knowledge, experience, sophistication, and decision making between the former federal employees and private contractors, on the one hand, and their state replacements. There will, undoubtedly, be a very painful transition period and there will be many errors of ignorance, inexperience, ineptitude, and lack of good judgment. The compromised federal employees and contractors should be transitioned out of their jobs in tranches over a period of not to exceed six months. Also, for the lack of a better term, a “Chinese Wall” or a firewall should be erected to screen former federal employees and contractors from current positions of power, responsibility, and analysis.
In their speeches, Presidents John F. Kennedy and Richard M. Nixon often pointed out that the word “crisis” in Chinese is composed of two characters, the first one signifying “danger” and the second one signifying “opportunity”. The Chinese hackers’ coup is a catastrophic failure and an existential danger to the Republic. However, it also an opportunity for the country to sweep away the ineffectual “Inside the Beltway” thinking process and start anew with the help of the various states.
=====================================================================================================
What if Pearl Harbor happened and nobody noticed?
Glenn Harlan Reynolds
June 14, 2015
In cyberwar, the U.S. doesn’t have an edge.
Last week, while people were going on about the white woman who posed as black to get an NAACP job, Hillary Clinton’s (latest) campaign relaunch and President Obama’s trade-bill debacle in the House, a much bigger story slipped by with much less hoopla: the successful seizure of a vast trove of federal personnel records, reportedly by the Chinese.
And then it got worse. “Hackers linked to China have gained access to the sensitive background information submitted by intelligence and military personnel for security clearances, U.S. officials said Friday, describing a cyberbreach of federal records dramatically worse than first acknowledged.”
And there are lessons in this debacle, if we are willing to learn them.
Aside from regular federal personnel records, which provide a royal route to blackmail, intimidation and identity theft for present and retired federal workers, the hackers also stole a trove of military and intelligence records that could be even more valuable. The forms stolen were Standard Form 86, in which employees in sensitive positions list their weaknesses: past arrests, bankruptcies, drug and alcohol problems, etc. The 120 plus pages of questions also include civil lawsuits, divorce information, Social Security numbers, and information on friends, roommates, spouses and relatives.
The result? About 14 million current and former federal employees are in a state of collective panic over the loss of their information. Former State Department employee Matthew Palmer was quoted as saying, “Who is in danger? I listed friends on those forms and my family members. … Are some hackers going to start going after them?”
Possibly. The U.S. military, even in its current somewhat shrunken state, remains an irresistible force in conventional warfare. But this trove of information is perfect for “fourth-generation warfare,” in which conventional strengths are bypassed in favor of targeted attacks on a stronger nation’s weaknesses. With this sort of information, China will find it much easier to recruit agents, blackmail decision-makers and — in the event of a straight-up conflict — strike directly at Americans in the government, all without launching a single missile.
That’s why experts are calling this security breach a “debacle” and “potentially devastating.” Some are even calling it a “cyber Pearl Harbor.”
Perhaps that’s a bit strong: Unlike the real Pearl Harbor attack, there are no burning and sunken ships full of American sailors. On the other hand, if the Japanese in 1941 could have kept the U.S. from interfering with their Pacific conquests through subtler means than air-dropped torpedoes, they no doubt would have been happy to do so. And that’s the situation that China, with cyberattacks such as this one, is trying to bring about.
What do we do? Well, so far the federal government is offering free identity-theft protection to its employees, but that response is like putting a Band-Aid on a severed limb — so pathetic it’s not even cosmetic. This isn’t like a broken code, where we can just change things around and be almost as good as new. Once out, this information will remain current for years, and there’s no easy or effective way of doing much about that.
But we can learn our lesson, at least. The United States is highly vulnerable to cyberwar, and not very good about defending against it, especially in the lame-and-inept government IT sector, which has not distinguished itself in terms of competence. (Remember HealthCare.gov?)
For the federal government, one lesson is that really important stuff shouldn’t be put online at all. Paper documents have their problems, but at least they can’t be hacked and stolen en masse.
For the rest of us, the lesson is that we should probably think twice before entrusting the federal government with our own information. Because if the feds can’t protect their own sensitive data, on behalf of people who work for the federal government, how good a job are they likely to do on behalf of the rest of us mere citizens?
Glenn Harlan Reynolds, a University of Tennessee law professor, is the author of The New School: How the Information Age Will Save American Education from Itself.
======================================================================================================
John Schindler
Hacking as Offensive Counterintelligence
June 8, 2015
Washington, DC, is reeling from revelations that the Office of Personnel Management, the Federal government’s HR hub, has been extensively hacked. OPM is an obscure but important agency since it holds the personnel records of Federal workers, past and present, and even more, it conducts background investigations for security clearance holders across many Federal agencies.
Based on available information so far, the records of some four million Federal workers, going back to 1985, have been compromised, of whom 2.1 million are currently serving. In what has become the custom inside the Beltway, OPM had repeated warnings about its slipshod computer security practices but not much was done despite the enormously rising threat of foreign hackers. The extent of this needless debacle is truly disastrous, as I explained in a series of tweets the other day.
1/ Let me explain a bit about why the compromise of OPM information is so serious from a security & counterintelligence (CI) viewpoint ….
— John Schindler (@20committee) June 6, 2015
2/ We can take it as a given that career/HR type info has been compromised on 4M FedGov employees (2.1M current) whose data got hacked…
— John Schindler (@20committee) June 6, 2015
3/ That’s important — but far more is background investigation (BI) info which OPM first denied was compromised, now admits it has been…
— John Schindler (@20committee) June 6, 2015
4/ A USG BI, which OPM handles a lot of for many different agencies, is NOT some sort of glorified credit check, it’s much more than that…
— John Schindler (@20committee) June 6, 2015
5/ BI contains very personal & private information, supplied by security clearance applicants then verified (one hopes) by adjudicators …
— John Schindler (@20committee) June 6, 2015
6/ BI data includes your personal life, travels, full bio, details on finances and any “troubles” — legal, private, sexual, you name it…
— John Schindler (@20committee) June 6, 2015
7/ BI also goes into great detail about “foreign national contacts” of clearance holders and applicants — a goldmine for foreign intel ….
— John Schindler (@20committee) June 6, 2015
8/ Whoever has this info now can say about FedGover X that they know more about them than that person’s best friends, even spouse/partner…
— John Schindler (@20committee) June 6, 2015
9/ This is EXACTLY the sort of information any FI service would love to have in order to influence, recruit, or compromise USG personnel …
— John Schindler (@20committee) June 6, 2015
10/ From any CI viewpoint, OPM hack is a certified disaster that it will be difficult to repair in less than decades. A truly epic #FAIL
— John Schindler (@20committee) June 6, 2015
Speaking as a former counterintelligence officer, it really doesn’t get much worse than this. For our Intelligence Community to get hit by this and the Snowden debacle within two years speaks to systemic failure, not “oversights” and “mistakes” any longer. We’re not serious about stemming foreign espionage, as I recently explained, and now that neglect has caused serious pain that will last decades. Some of the damage may not be repairable, ever.
The IC is pointing the finger at China, tentatively, apparently at hacking entities that have a “close relationship” with Chinese intelligence. The case for official Chinese culpability is growing. It seems that Beijing is using aggressive hacking to establish a database of information about millions of Federal workers and security clearance holders.
Why China would do that isn’t difficult to guess. While defensive counterintelligence, the preventing and uncovering of enemy spies, is the “JV” level of counterespionage, as President Obama might put it (notwithstanding that the IC can’t manage even this), the real pros engage in offensive counterintelligence, which aims at recruiting spies inside the enemy camp, particularly inside the opposing intelligence service. That’s how you gain control of the enemy’s central nervous system: You know what he knows about you, hence you can deceive him at a strategic level. This is the essence of SpyWar, as I’ve explained, the secret struggle between the West and adversaries like China, Russia, and Iran, a clandestine battle that never ceases, yet that the public seldom gets wind of, except when something goes wrong. “May we read about you in the newspapers,” is the old Mossad curse/wag for a reason.
Whoever now holds OPM’s records possesses something like the Holy Grail from a CI perspective. They can target Americans in their database for recruitment or influence. After all, they know their vices, every last one — the gambling habit, the inability to pay bills on time, the spats with former spouses, the taste for something sexual on the side (perhaps with someone of a different gender than your normal partner) — since all that is recorded in security clearance paperwork (to get an idea of how detailed this gets, you can see the form, called an SF86, here).
Do you have friends in foreign countries, perhaps lovers past and present? They know all about them. That embarrassing dispute with your neighbor over hedges that nearly got you arrested? They know about that too. Your college drug habit? Yes, that too. Even what your friends and neighbors said about you to investigators, highly personal and revealing stuff, that’s in the other side’s possession now.
Perhaps the most damaging aspect of this is not merely that four million people are vulnerable to compromise, through no fault of their own, but that the other side now so dominates the information battlespace that it can halt actions against them. If they get word that a American counterintelligence officer, in some agency, is on the trail of one of their agents, they can pull out the stops and create mayhem for him or her: run up debts falsely (they have all the relevant data), perhaps plant dirty money in bank accounts (they have all the financials too), and thereby cause any curious officials to lose their security clearances. Since that is what would happen.
If this sounds like a nightmare scenario for Washington, DC, that’s because it is. Decades of neglect have gotten us here and it will take decades to get us out of it. The first step is admitting the extent of the problem. Getting serious about security and counterintelligence, finally, is the closely related second step. Back in the 1990’s, CI professionals warned the U.S. government about the hazards of putting everything online (we also pointed this out about internal databases that were supposed to be “secure”). Any cautions or caveats were dismissed as “old think,” out of hand. We were right about this, just as we were right about insider threats like Snowden. The past is the past, it’s time to move forward and do better without delay. The SpyWar is heating up and there’s no time to waste.
======================================================================================================
The OPM Hacking Scandal Just Got Worse
June 11, 2015
John Schindler, XX Committee
The other day I explained in detail how the mega-hack of the Office of Personnel Management’s internal servers looks like a genuine disaster for the U.S. Government, a setback that will have long-lasting and painful counterintelligence consequences. In particular I explained what the four million Americans whose records have been purloined may be in for:
Whoever now holds OPM’s records possesses something like the Holy Grail from a CI perspective. They can target Americans in their database for recruitment or influence. After all, they know their vices, every last one — the gambling habit, the inability to pay bills on time, the spats with former spouses, the taste for something sexual on the side (perhaps with someone of a different gender than your normal partner) — since all that is recorded in security clearance paperwork (to get an idea of how detailed this gets, you can see the form, called an SF86, here).
Do you have friends in foreign countries, perhaps lovers past and present? They know all about them. That embarrassing dispute with your neighbor over hedges that nearly got you arrested? They know about that too. Your college drug habit? Yes, that too. Even what your friends and neighbors said about you to investigators, highly personal and revealing stuff, that’s in the other side’s possession now.
The bad news keeps piling up with this story, including reports that OPM records may have appeared, for sale, on the “darknet.” Moreover, OPM seems to have initially low-balled just how serious the breach actually was. Even more disturbing, if predictable, is a new report in the New York Times that case “investigators believe that the Chinese hackers who attacked the databases of the Office of Personnel Management may have obtained the names of Chinese relatives, friends and frequent associates of American diplomats and other government officials, information that Beijing could use for blackmail or retaliation.”
We can safely replace “may” in that quote with “almost certainly did” since for Chinese intelligence that would be some of the most valuable information in any of those millions of OPM files. Armed with lists of Chinese citizens worldwide who are in “close and continuing contact” (to cite security clearance lingo) with American officials, Beijing can now seek to exploit those ties for espionage purposes.
This matters because, while many intelligence services exploit ties of ethnicity to further their espionage against the United States — Russians, Cubans, Israelis, even the Greeks — none of the major counterintelligence threats to America are as dependent on blood ties as the Chinese. Simply put, in its efforts at recruiting spies abroad, Beijing is often uncomfortable operating outside its ethnic milieu. Spies run by Beijing who are not ethnic Chinese are very much the exception. This poses less of a problem for them that it might seem, however, as there are something like fifty million “overseas Chinese” worldwide, including about four million living in the United States.
Nearly every espionage case in the United States involving Beijing comes down to the ethnic angle, somewhere. To cite only a few examples, among many, Larry Wu-Tai Chin, a CIA translator/analyst, passed highly classified information to Beijing for over thirty years. Katrina Leung managed to severely damage FBI intelligence against China for years, in a complex and messy operation that confounded the Bureau. Then there’s the messy case of Wen Ho Lee, a scientist employed at Los Alamos National Laboratory, whom U.S. counterintelligence believed passed significant amounts of classified nuclear information to Beijing. Most recently was there was the case of Xiafen “Sherry” Chen, a Federal worker who was caught having unreported meetings with a Chinese regime official.
It should be noted that all the persons mentioned in the previous paragraph were born in China (Lee was born in Taiwan) then immigrated to the United States. They seem to have been persuaded to betray their adopted country on behalf of their native land. Ms. Chen, against whom serious charges were recently dropped, has alleged ethnic bias in the FBI’s pursuit of her, as did Wen Ho Lee. Members of Congress and ethnic activists have joined that chorus too. Interestingly, Beijing has sung the same tune, with regime outlets alleging that anti-Chinese prejudice is at the root of U.S. counterintelligence efforts. However, whatever blame here lies in Beijing, not Washington, DC, since it is China that is exploiting its nationals abroad to further their espionage.
Beijing also uses its citizens abroad to facilitate espionage. An interesting recent case in Hawaii, which is something of a hotbed of Chinese spying, given the large number of U.S. military commands housed on Oahu, involved a retired U.S. Army officer and defense contractor working at U.S. Pacific Command who apparently got honey-trapped by a fetching young Chinese student (this is being a common Chinese tactic). Benjamin Bishop has been sentenced to more than seven years in jail for stealing classified information from work and passing it to a Chinese woman less than half his age, who was in the United States on a student visa.
The modus operandi of Chinese intelligence and its operations abroad are understood by the FBI and the Intelligence Community. However, the extent of the information loss in the OPM hack is so vast that all the counterintelligence awareness in the world may not be able to offset the advantage in the SpyWar that Beijing has won with this vast data theft. If you are (or have been) employed with the Federal government and have listed Chinese persons in any way on your SF86, it’s time to be vigilant.
======================================================================================================
Hackers Stole Secrets of U.S. Government Workers’ Sex Lives
Shane Harris
Daily Beast
June 24, 2015
Infidelity. Sexual fetishes. Drug abuse. Crushing debt. They’re the most intimate secrets of U.S. government workers. And now they’re in the hands of foreign hackers.
It was already being described as the worst hack of the U.S. government in history. And it just got much worse.
A senior U.S. official has confirmed that foreign hackers compromised the intimate personal details of an untold number of government workers. Likely included in the hackers’ haul: information about workers’ sexual partners, drug and alcohol abuse, debts, gambling compulsions, marital troubles, and any criminal activity.
Those details, which are now presumed to be in the hands of Chinese spies, are found in the so-called “adjudication information” that U.S. investigators compile on government employees and contractors who are applying for security clearances. The exposure suggests that the massive computer breach at the Office of Personnel Management is more significant and potentially damaging to national security than officials have previously said.
Three former U.S. intelligence officials told The Daily Beast that the adjudication information would effectively provide dossiers on current and former government employees, as well as contractors. It gives foreign intelligence agencies a roadmap for finding people with access to the government’s most highly classified secrets.
Obama administration officials had previously acknowledged the breach of information that applicants voluntarily disclose on a routine questionnaire, called Standard Form 86, but the theft of the more detailed and wide-ranging adjudication information appears to have gone overlooked.
“Whoever compromised the adjudication information is going to have clear knowledge, beyond what’s in the SF86, about who the best targets for espionage are in the United States,” Michael Adams, a computer security expert who served more than two decades in the U.S. Special Operations Command, told The Daily Beast. “This is the most successful cyber attack in the history of the United States,” owing to the amount and quality of the information that was stolen, Adams said.
U.S. intelligence officers spend years trying to recruit foreign spies to gather the kinds of details and insights that are contained in adjudication information, one former senior U.S. official said.
This official, who requested anonymity, added that adjudication information would give foreign intelligence services “enormous leverage” over U.S. personnel whom they might forcibly interrogate for information or try to recruit.
Adjudication information would include the results of polygraph examinations, both former U.S. officials said. The exam can be extraordinarily intimate, bordering on humiliating. One former official said a polygrapher once asked if he’d ever practiced bestiality. Another said questions are designed to root out potential leakers, noting that he was asked about what contacts he’d had with journalists, including in a social setting.
The OPM’s chief information officer, Donna Seymour, acknowledged when she testified at a House hearing on June 16 that “clearance adjudication information” had been compromised. But the remark went virtually unnoticed, as lawmakers mostly focused their attention on the agency’s embattled director and the OPM’s weak computer security.
The adjudication process had a broad scope, taking into account the SF86 questionnaire, reports from background investigations, interviews with the applicant’s family members and associates, his or her employment history, and for people seeking high-level clearances, the results of polygraph investigations.
Seymour said such records “span an employee’s career” and could stretch back as far as 30 years. Officials have said that as many as 18 million people may have been affected by the breach. Asked specifically what information the hackers had obtained, Seymour told lawmakers that she preferred to answer later in a “classified session.”
Seymour didn’t specify how many people’s information was stolen. But the OPM oversees background investigations, which comprise a key part of the adjudication process, for more than 90 percent of security clearance applicants, according to the Congressional Research Service. An OPM spokesman didn’t respond to a request for comment in time for publication.
A former senior U.S. intelligence official, who asked to remain anonymous, said the OPM breach would cause more damage to national security operations and personnel than the leaks by Edward Snowden about classified surveillance by the National Security Agency.
“This is worse than Snowden, because at least programs that were running before the leaks could be replaced or rebuilt,” the former official said. “But OPM, that’s the gift that keeps on giving. You can’t rebuild people.”
Adjudicators are in a powerful position because in deciding whether to recommend granting a security clearance, they have access to the entire scope of an applicant’s file and are told to make a subjective analysis.
“The adjudication process is the careful weighing of a number of variables known as the whole-person concept,” according to official guidelines. “Available, reliable information about the person, past and present, favorable and unfavorable, should be considered in reaching a determination.”
By design, adjudication is an invasive process, meant to unearth risk factors including drug and alcohol abuse, extramarital affairs, a history of violence, and other events that speak to a person’s “trustworthiness” and their susceptibility to blackmail or being recruited to spy for a foreign government.
For instance, “compulsive gambling is a concern, as it may lead to financial crimes including espionage,” the guidelines say. Adjudicators are told to note “a pattern of compulsive, self-destructive, or high risk sexual behavior,” “relapse after diagnosis of alcohol abuse,” and “emotionally unstable, irresponsible, dysfunctional, violent, paranoid, or bizarre behavior,” among other warning signs in 13 categories.
Some of the embarrassing personal details found in some adjudications have been made public. That’s what happens after an applicant who was denied a security clearance launched an appeal.
But those public reports are anonymous. The names are held back—but are contained in the OPM’s adjudication records. Those were compromised in the hack. In other words, it would be simple for spies to take these once-anonymous reports and attach a name to them.
How invasive are these exams? One applicant admitted to shooting his 19-year-old son in the leg during a physical altercation, sparked by an argument over whether his son’s girlfriend could live with him in the applicant’s grandmother’s house.
Another applicant who’d held a clearance for 25 years while serving in the military had an affair with his former college roommate’s wife “on and off for more than twenty years,” his adjudicator noted. The applicant told the wife about the affair in 2014, and they’re “working through their problems.”
A third applicant was reprimanded by his supervisor for accessing pornography on his work computer. He had “not told his wife about these issues because he feels embarrassed by his conduct,” his file notes.
Debts and drug and alcohol abuse are frequently considered in the adjudication process. One applicant was found to owe nearly $1.8 million from, among other things, four mortgages on three condominiums. He was denied a clearance. But another applicant’s clearance was granted on the condition that he stop drinking, after going through four alcohol addition treatment programs and relapsing every time.
Armed with such intimate details of a person’s worst moments, foreign spies would have unprecedented advantage against their U.S. adversaries. And the news is especially bad for people who hold the highest levels of clearance, which require more rigorous background checks, noted Adams, the computer security expert.
“The higher up you go in your sensitivity levels, the more data that’s in your adjudication file,” he said.
—Alexa Corse contributed research.