US hack shows data is the new frontier in cyber security conflict.

Abstract

More than four million personal records of US government workers are thought to have been hacked and stolen, it has been. With US investigators blaming the Chinese government (although the Chinese deny involvement), this incident shows how data could be the new frontier for those in cyberspace with a political agenda. In April 2015, the US Office of Personnel Management (OPM) – the body that provides the human resources function for the federal government and is responsible for background checks for security clearances – realised its records had been hacked. Along with the direct personnel details, there are a whole range of references and contacts contained in the OPM records. The sensitive data could be used to identify people with security clearances, and could be used for the impersonation or blackmail of federal employees. Someone with security clearance could be exposed to identity fraud, where an intruder could gain access to sensitive information using the stolen identifies. The data could also be used to hack into other government sites. For example, intruders recently attempted to breach the Inland Revenue Service’s systems (this time it was blamed on Russia) using personal information taken from tax returns stolen during other commercial breaches. Such attacks create a certain amount of national humiliation. The hacking of confidential data from Sony highlighted how embarrassing it can be for information to leak. The contents of its sensitive emails are now searchable on Wikileaks, and we have probably only seen the tip of the iceberg in terms of the data that was taken.