Feds Who Didn't Even Discover The OPM Hack Themselves, Still Say We Should Give Them Cybersecurity Powers

from the really-now? dept

We already described how the recent hack into the US federal government's Office of Personnel Management (OPM) appears to be much more serious than was initially reported. The hack, likely by Chinese state hackers, appears to have obtained detailed personal info on basically all current and many former federal government employees.

And here's the amazing thing: the federal government wasn't the one who figured out they'd been hacked. Instead, it's now coming out that it was discovered during a product demo from a cybersecurity company (guess their product works, huh?). According to the Wall Street Journal:
“But four people familiar with the investigation said the breach was actually discovered during a mid-April sales demonstration at OPM by a Virginia company called CyTech Services, which has a networks forensics platform called CyFIR. CyTech, trying to show OPM how its cybersecurity product worked, ran a diagnostics study on OPM’s network and discovered malware was embedded on the network. Investigators believe the hackers had been in the network for a year or more.”
That may go down as one of the most effective product demos ever.

But, what's really sickening about all of this is that the federal government is already using this hack -- which it failed to discover -- as an excuse to pass new cybersecurity legislation, whose sole purpose is to give the feds more information, in the (faulty) belief that they'll "help" prevent future attacks. Within days of the initial report of the hack, Senator Mitch McConnell pointed to it as the reason to push cybersecurity legislation:
“It might or might not deal with every aspect of what apparently happened a few days ago. But Congress is going to act on cybersecurity on this bill in the very near future.”
Thankfully, cooler heads -- including Senator Patrick Leahy -- prevailed in pointing out that the OPM hack is no reason to rush into cybersecurity legislation -- but it's even more ridiculous than that. The entire premise of these cybersecurity bills is that we need this kind of information sharing so that government folks can "help" to better protect "critical infrastructure." But these same guys are so clueless they can't even protect their own staff files -- and then need outside help to even discover that they were hacked a year ago?

Perhaps it's time to move in the other direction and take away the government's mandate over "cybersecurity" because it's shown little indication that it can handle the problem.

Filed Under: cisa, cybersecurity, fud, hack, information sharing, mitch mcconnell, office of personnel management, opm
Companies: cytech services


Reader Comments



  • rw, 12 Jun 2015 @ 1:20pm

    "Perhaps it's time to move in the other direction and take away the government's mandate over "cybersecurity" because it's shown little indication that it can handle the problem."

    Seconded!!!


    • Pragmatic, 16 Jun 2015 @ 2:34am

      Re:

      Thirded, fourthed, and fifthed.

      Okay, the big "L's" win this one; the government is incompetent at dealing with cybersecurity.


  • Ambrellite, 12 Jun 2015 @ 2:20pm

    This story illustrates another fatal flaw of the collect-it-all intelligence strategy: all the information in the world can't fix stupid. Every expert worth their salt (and many non-experts too) told them encryption is very important, but they couldn't connect the dot.


    • Derek Kerton, 12 Jun 2015 @ 4:23pm

      Re:

      I don't know if you wrote dot as singular by mistake, or as wit. But I'll guess wit, and mark you "funny".


  • Anonymous Coward, 12 Jun 2015 @ 2:31pm

    If it is China and it is state sponsored, WHY THE FUCK do we still say it's ok for any US company to do business with them, why do 99% of all US products still have China stamped on them, to do business with China is to do business with terrorists right????
    /s maybe


    • Derek Kerton, 12 Jun 2015 @ 4:25pm

      Re:

      Would you also agree that Germany should stop doing business with us, since we bugged the Chancellor?

      I agree that it's not OK, but we haven't exactly got the moral high ground.


    • Anonymous Coward, 13 Jun 2015 @ 3:32am

      Re:

      "If it is China and it is state sponsored, WHY THE FUCK do we still say it's ok for any US company to do business with them, why do 99% of all US products still have China stamped on them, to do business with China is to do business with terrorists right????"

      Because the US is so in debt to China that the Chinese practically own it now. You could say that the Chinese are just keeping tabs on their investment.


    • dirt-lover, 14 Jun 2015 @ 7:28am

      Re:

      This is why I'm sending back my iPhone TOMORROW


  • madasahatter, 12 Jun 2015 @ 5:17pm

    OPM = Office of Personnel Mismanagement

    I have seen reports that OPM security was much worse than hideous. Apparently SSNs and the like were not encrypted. This is basic security.


  • Anonymous Coward, 12 Jun 2015 @ 5:37pm

    Chinese hackers ... yeah, right.
    Why do people connect sensitive/critical assets to the internet?


    • James Clapper, 12 Jun 2015 @ 7:40pm

      Re:

      Exactly.

      Isn't it supposed to be the job of NSA to secure data like this?

      Maybe they need to spend a few hundred billion more on their illegal domestic surveillance programs. Everyone knows that mass collection, processing and storage of potential dirt on civil society actors is the first step in setting up basic network security.


  • Anonymous Coward, 12 Jun 2015 @ 9:17pm

    They just need to find a scapegoat to blame all this on and absolve them of any culpability in their efforts to collect illegally obtained info on the citizenry.


  • The Scholarly Scholar, 14 Jun 2015 @ 3:09pm

    Looks like a lot of people will be getting one year's free credit monitoring...


