
The Conversation

  • Written by The Conversation
[Image: Data mining. Credit: Shutterstock]

More than four million personal records of US government workers are thought to have been hacked and stolen, it has been. With US investigators blaming the Chinese government (although the Chinese deny involvement), this incident shows how data could be the new frontier for those in cyberspace with a political agenda.

In April 2015, the US Office of Personnel Management (OPM) – the body that provides the human resources function for the federal government and is responsible for background checks for security clearances – realised its records had been hacked.

Along with the direct personnel details, there is a whole range of references and contacts contained in the OPM records. The sensitive data could be used to identify people with security clearances, and could be used for the impersonation or blackmail of federal employees. Someone with security clearance could be exposed to identity fraud, where an intruder could gain access to sensitive information using the stolen identities.

The data could also be used to hack into other government sites. For example, intruders recently attempted to breach the Inland Revenue Service’s systems (this time it was blamed on Russia) using personal information taken from tax returns stolen during other commercial breaches.

Such attacks create a certain amount of national humiliation. The hacking of confidential data from Sony highlighted how embarrassing it can be for information to leak. The contents of its sensitive emails are now searchable on Wikileaks, and we have probably only seen the tip of the iceberg in terms of the data that was taken.

How did the hackers beat the system?

Aware of the threat of attack, the OPM said it has “undertaken an aggressive effort” to improve its cybersecurity over the last year. So why, many might ask, did it take the government so long to detect the security breach?

Many large companies now use advanced intrusion detection systems (IDS) that raise alerts of possible security breaches that are then collected, logged and analysed. At the OPM, the system that detected the breach was called EINSTEIN. It was developed by a division of the Department of Homeland Security to monitor the exit points of US government by examining the packets carried around a network for possible signs of intrusion.

The growing threat of attacks has led to the use of tools that gather all the event logs from IDS agents on a network. Human analysts then have to make sense of the events coming in, in order to spot possible signs of an intrusion. To do this, advanced computer systems filter down the event logs and present only the most important ones to the analysts.

[Image: Special Operations Centres (SOC) and SIEM (Security Information and Event Management)]

Unfortunately, some of the tell-tale signs of an intrusion could be lost. In the case of EINSTEIN, the system has to monitor the gateway devices coming from each of the partner government agencies, where it might be difficult to detect an intruder who has remote access to the inside of one of the networks.

It is common for an IDS to detect where there are high rates of data loss (where large amounts of data are filtered off the network). So if this data loss is fairly slow, the IDS will often not detect it. The system must be tuned to show standard signs of intrusions so it does not trigger too many alerts and swamp its human administrators. Cyber attackers, however, often understand these standard detection methods and will find ways of slowing down the intrusion to avoid being noticed.
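The tuning problem described above, shown as an added example that is not part of the original article: a short-window rate rule is compared with a per-destination cumulative rule over one day of outbound flow records. The host names, addresses, record layout and thresholds are all constructed assumptions.

```python
from collections import defaultdict

MB = 1024 * 1024
WINDOW_MIN = 5            # short window used by the rate rule (assumed)
RATE_LIMIT = 100 * MB     # per-host bytes per window (assumed threshold)
DAILY_LIMIT = 300 * MB    # per host/destination bytes per day (assumed)

def build_flows():
    """Constructed outbound flow records: (minute, src_host, dst, bytes)."""
    flows = []
    # ws-01: one fast bulk transfer, the pattern a rate rule is tuned for.
    flows.append((600, "ws-01", "203.0.113.10", 500 * MB))
    # ws-02: 2 MB every 5 minutes to a single destination, all day.
    for minute in range(0, 1440, 5):
        flows.append((minute, "ws-02", "198.51.100.7", 2 * MB))
    # ws-03: ordinary traffic spread over many destinations.
    for i in range(200):
        flows.append((i * 7, "ws-03", f"192.0.2.{i % 50 + 1}", 1 * MB))
    return flows

def rate_alerts(flows):
    """Hosts whose outbound volume in any short window exceeds RATE_LIMIT."""
    per_window = defaultdict(int)
    for minute, src, _dst, size in flows:
        per_window[(src, minute // WINDOW_MIN)] += size
    return sorted({src for (src, _w), total in per_window.items()
                   if total > RATE_LIMIT})

def cumulative_alerts(flows):
    """(host, destination) pairs whose total over the day exceeds DAILY_LIMIT."""
    per_pair = defaultdict(int)
    for _minute, src, dst, size in flows:
        per_pair[(src, dst)] += size
    return sorted(pair for pair, total in per_pair.items()
                  if total > DAILY_LIMIT)

if __name__ == "__main__":
    flows = build_flows()
    print("rate rule:      ", rate_alerts(flows))
    print("cumulative rule:", cumulative_alerts(flows))
```

Only the bulk transfer trips the rate rule, while the steady low-volume stream to one destination shows up once volume is summed per destination over the longer horizon.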

Many networks use a firewall to separate servers that can be accessed from untrusted networks from the main network infrastructure, which is then protected on another network. In many large networks, IDS agents exist across the whole network and listen for possible intrusions. The problem is that an intruder can often get over the firewall, and then remotely access the protected systems. Many organisations also allow employees to access their computer remotely through a secure network connection. With stolen access details, an intruder can use this remote access path in the same way.

The other major weakness of many IDSs is that they cannot examine the contents of encrypted data packets, such as where users visit secured websites starting with “https://”. To overcome this, many systems ban direct secure connections and route the data via a proxy, where they can examine the packets between the user’s computer and the secure connection to the internet. Unfortunately, intruders can set up connections using what is known as an end-to-end encryption tunnel, which bypasses this provision and in which data loss cannot be detected by the proxy or IDS.

[Image: Secure tunnels with proxy and end-to-end]

While it has not been proven that the most recent attack was driven by a political agenda, the information once leaked from a site can then be sold on for the purposes of compromising nation states. Governments still need to understand the risks around their documents and make sure there are effective safeguards in place to restrict access to sensitive information. They often have a lot to learn from high-risk companies, such as in the finance sector, where there is often large-scale detection of intrusions and monitoring for data loss.

The US agencies are saying that all those affected by the hack of the OPM will be insured against any loss they might experience as a result. But data is the life blood of most organisations and probably one of their important assets, so the need for improved security increases by the day.

Bill Buchanan does not work for, consult to, own shares in or receive funding from any company or organisation that would benefit from this article, and has no relevant affiliations.

Authors: The Conversation

Read more http://theconversation.com/us-hack-shows-data-is-the-new-frontier-in-cyber-security-conflict-42904

