The Conversation

  • Written by The Conversation
Image: More than just a cyber "whodunnit." (Lee Jae Won/Reuters)

In the ever-escalating compendium of cyber incidents and intrusions, an enormous US government breach – perhaps the largest ever – came to light last week with news of a federal hack affecting “nearly every government agency.”

This incident, which exploited a zero-day vulnerability (a flaw in software unknown to the public), exposed and put at risk the personal information of four million federal employees. Keep in mind, as the Wall Street Journal has pointed out, that there are only 4.2 million federal workers in total.

Details of the breach are still emerging, but the hack has been traced to China – although it is not yet clear whether or to what extent the government of China was involved.

However, military officers in China are increasingly known to moonlight as cybersecurity consultants and hackers for hire when off the clock. At the same time, as a matter of strategy, countries are increasingly turning to proxies to do their bidding in order to provide plausible deniability in the event they get caught with their hands in the cookie jar.

First reports are not always accurate, though, and the wisest course is to permit the investigation and the forensics to play out. Further, even if attribution in the fullest sense of the term is established, that will not necessarily elucidate intent.

Was the hack state-sponsored or supported, or did the Chinese government simply turn a blind eye and allow the attack to occur?

Even if state involvement is ultimately not proven, the question of whether and to what extent the information finds its way into the hands of the Chinese security services will remain unresolved.

Intelligence trove

What is known is that the perpetrators are the same as those in the breach of health insurers Anthem and Premera Blue Cross, which affected 11 million and 80-plus million individuals respectively, according to the New York Times.

Of particular interest in the current case is whether sensitive data including social security numbers were encrypted.

Undoubtedly there will be plenty of time spent examining whether this data theft was the result of sub-par government practices. In this regard, it is not as if another wakeup call was needed. This was, after all, the fourth hack of US government employee information since March 2014.

On the other hand, US government officials are saying that ever-more breaches will come to light moving forward, due to increased US detection capabilities. And US authorities are also emphasizing the bright side of the present case, noting that at least the intrusion was detected.

On the perpetrator’s side of the equation, one wonders about the motivation. If in fact a state actor was involved here, it would seem a bit incongruous (at least at first glance) since the type of information pilfered is the sort that would generally be of greater interest to cybercriminals who seek to profit from identity theft.

The apparent inconsistency resolves itself quickly, however, if one conceives of the case as an exercise in espionage and in particular one of profiling – especially individuals holding security clearances.

Amassing personal information, including a diversity of details about medical and financial histories and performance evaluations, for example, could generate a genuine trove for foreign intelligence services and their proxies to use for their own ends in future — ends such as blackmail, spear-phishing and recruitment.

How to react?

To be clear, there is still much that we do not yet know, and it is crucial that hypothetical scenarios not be dressed up as fact.

Having said that, the possibility of a cyberattack with Chinese state involvement is a disconcerting one, and it should not be dismissed at this stage, especially given the value of the information compromised.

The diplomatic aspect of the incident is as fascinating as it is complex. US-China relations in the cyberdomain operate on many different levels and intersect with the broader military, political and economic spheres.

The present case also comes to light just as the Pentagon has released its latest cyberstrategy, with a particular focus on cyberdeterrence, and just as China has released a new military strategy paper that includes special emphasis on the development and use of cybercapabilities.

So where does this leave us? Assuredly with more questions than answers.

For instance, on the US government side, irrespective of “whodunit,” one wonders whether the fundamentals of cybersecurity hygiene, such as encrypted social security numbers, were in place at the time of the breach. Such elements are not in the category of rocket science and, in the event that they may have gone unimplemented, it makes the case for greater public-private partnership and cooperation for the purposes of cybersecurity a tougher sell. Demonstrating poor practices at government agencies diminishes the credibility and perceived capability of the public sector as a reliable partner.

Yet the answer cannot be simply to throw up our arms in frustration and to complacently accept the status quo as the new normal. To the contrary, the US can and should make full use of some of the newest instruments of statecraft that it has added to its toolkit, including this April’s Executive Order entitled “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activity,” which opens the doors for levying economic sanctions against cyberperpetrators.

Complementarily, the country should invoke some of the older, more traditional diplomatic means and methods of advancing US interests. This means working through bilateral and multilateral forums to elaborate and articulate international norms and standards of behavior that will apply to all actors.

Litmus test

From a bilateral perspective, perhaps ironically, later this month, from June 22-24, a high-level delegation from China is scheduled to visit Washington, DC, for the annual US-China Strategic and Economic Dialogue. If both sides are genuinely serious about addressing cybersecurity, this would be a timely and appropriate opportunity to demonstrate their commitment by skipping the pomp and circumstance to address the tough issues.

In short, if indeed this massive hack is the work of a criminal enterprise, then this is China’s opportunity to show that it is serious by conducting a joint investigation with the United States and by prosecuting wherever the facts and evidence lead.

Should China be reluctant to proceed in this manner, then the United States should look to its own legal instruments and invoke and apply them.

In that sense, the case is a litmus test for this country’s policies and practices as well.

Frank J Cilluffo is affiliated with the Center for the Study of the Presidency and Congress, the National Consortium for Advanced Policing, Research Assistance Network + Exchange, and Susan Davis International.

Sharon L Cardash does not work for, consult to, own shares in or receive funding from any company or organisation that would benefit from this article, and has no relevant affiliations.

Read more http://theconversation.com/massive-government-employee-data-theft-further-complicates-us-china-relations-42941