A new report from Fox News shows that the entire U.S. national security system was likely undermined by a year-long hacking attack that was spotlighted by the revelations of 21.5 million Americans having their data stolen from the Office of Personnel Management (OPM).
Experts who spoke with Fox say that the data taken is so sensitive that it could be used to blackmail leaders or those who could be elected to public office in the future.
“There may be people walking around with higher levels of clearance than they should have,” one expert told Fox. “I believe the entire national security apparatus is now at risk. It’s mind-boggling.”
“It’s the digital equivalent of Pearl Harbor,” another expert added. “Because people don’t see the carnage, they don’t recognize that this is the equivalent of an act of war. This is about espionage—Cold War tactics in the modern digital age.”
Also being revealed is that contractors to OPM that conducted background checks were hacked. A firm named USIS who worked for Homeland Security was hacked in December 2014; Keypoint, who took over the USIS contract, was hacked in June 2015.
Director of National Intelligence James Clapper has said that China is the leading suspect behind the massive, year-long hacking attack.
The report comes a day after OPM said they are working with the Defense Department to notify anyone impacted by the attack and provide them with identify-fraud protection services. The contractor for the project will likely not be chosen until mid-August.
OPM plans to provide the free monitoring for those victimized by the hack for three years.
The attack on servers controlling data for the Office of Personnel Management (OPM) is now being reported as significantly larger than initially disclosed to the public.
Government investigators say the total number of people who had data taken in the attack suspected of being carried out by Chinese hackers was roughly 21.5 million, well above the initially released estimate of 4 million people.
The 21.5 million includes many non-government employees after the initial report claimed that it was only government workers who were at risk.
“If an individual underwent a background investigation through OPM in 2000 or afterwards … it is highly likely that the individual is impacted by this cyber breach,” OPM’s statement read.
Republicans in Congress were calling on the President to replace OPM Director Katherine Archuleta.
“It has taken this administration entirely too long to come to grips with the magnitude of this security breach — a breach that experts agree was entirely foreseeable. Americans who serve our country need to be able to trust that the government can keep their personal information safe and secure,” House Speaker John Boehner said in a statement.
Jason Chaffetz, the head of the House Oversight and Reform Committee, called on the President to not only fire Archuleta but also Chief Information Officer Donna Seymour.
“Their negligence has now put the personal and sensitive information of 21.5 million Americans into the hands of our adversaries. Such incompetence is inexcusable,” Chaffetz, a Republican, said Thursday in a statement.
The hack of government servers by a group of suspected Chinese hackers is significantly worse than initially reported.
The national president of the American Federation of Government Employees revealed that the hack released information for every federal employee to the unknown hackers.
“Based on the sketchy information OPM (Office of Personnel Management) has provided, we believe that the Central Personnel Data File was the targeted database, and that the hackers are now in possession of all personnel data for every federal employee, every federal retiree, and up to one million former federal employees,” J. David Cox said in the letter dated Thursday.
The government had admitted the breach was the largest in government history and reached as many as four million employees.
Now Cox has revealed that the Social Security numbers, military records, addresses, birth dates, pay histories, health insurance and pension information of all government employees were at the mercy of the hackers.
The White House has refused to name China as the source of the hacking but several senators including Senator Harry Reid and Senator Susan Collins have said the attack came from China.
As many as four million employees could have their personal information compromised in what some U.S. officials have called “the biggest breach ever of the government’s computer networks.”
The Department of Homeland Security confirmed the breach saying that at the beginning of May hackers had violated the systems of the Office of Personnel Management (OPM) and the Interior Department.
“Protecting our Federal employee data from malicious cyber incidents is of the highest priority at OPM,” OPM Director Katherine Archuleta said in a statement. “We take very seriously our responsibility to secure the information stored in our systems, and in coordination with our agency partners, our experienced team is constantly identifying opportunities to further protect the data with which we are entrusted.”
Sen. Susan Collins told the Associated Press investigators believe the hack came from China.
Collins called the attack “yet another indication of a foreign power probing successfully and focusing on what appears to be data that would identify people with security clearances.”
The Department of Homeland Security’s (DHS) intrusion system detected the hack, although many files were copied before the system alerted officials.
“DHS is continuing to monitor federal networks for any suspicious activity and is working aggressively with the affected agencies to conduct investigative analysis to assess the extent of this alleged intrusion,” A DHS statement read.
Anti-Semitic hackers attacked Israeli websites Tuesday after an international hacking collective threatened to launch an “electronic Holocaust.”
The hacking campaign is timed to strike the country during Israel’s annual “Holocaust Remembrance Day.”
The hackers struck the websites of Israeli musicians and non-profit groups according to the Israeli Computer Emergency Response Team. The hackers replaced the sites with photos of Muslim holy sites and photos of ISIS terrorists holding their militant flag.
“We are always here to punish you! Because we are the voice of Palestine and we will not remain silent!” the message read.
The cyber terrorists had vowed to take down Israeli government sites, banks and other public institutions. However, their attempts to breach advances security measures apparently failed as no major disruptions were reported by any major organization.
Israel’s national cyber bureau admitted they boosted defenses before the beginning of the announced attack.
Critics say that America has lost their first cyberwar after Sony Pictures pulled the movie “The Interview” after repeated cyber attacks by North Korean hackers.
“No one should kid themselves. With the Sony collapse America has lost its first cyberwar. This is a very very dangerous precedent,” former House speaker Newt Gingrich said after Sony’s announcement.
Sony pulled the film…a comedy film about two bumbling reporters that assassinate North Korean leader Kim Jong-Il…even though it was due to open in theaters in just over a week.
The hackers had threatened to have “9/11 style attacks” on theaters in the U.S. that showed the movie. The threats caused the five biggest movie chains in the country to say they were not going to show the film because of fears of incidents.
President Obama addressed the matter in a Wednesday interview.
“The cyber attack is very serious. We’re investigating, we’re taking it seriously,” Obama said during the interview. “We’ll be vigilant, if we see something that we think is serious and credible, then we’ll alert the public. But for now, my recommendation would be that people go to the movies.”
The Department of Homeland Security says there is no credible threat against any movie theater in the U.S.
A new report is showing that internet routers have significant security flaws that could allow a hacker to take control of your computer without ever putting a virus onto the actual computer.
Security officials have found “backdoors” in routers produced by NetGear and Linksys, two of the biggest selling router manufacturers. The security flaws allow a hacker to take control of the router and guide your web browser to fake websites that could look like Google, Facebook or a host of other sites.
The hackers would then steal personal information that you enter into the spoofed websites.
Many internet service providers give a cable or DSL modem with a built-in router that could be compromised by hackers depending on the manufacturer.
Security officials recommend placing a password on your router with an unusually long string of letters and numbers to make it unlikely a causal hacker will take the time to try and crack the long code.
The commander of the U.S. Cyber Command told Congress on Thursday that the military is not ready for a major cyber war and that they need to bolster their defenses both for military infrastructure and private business.
“Those attacks are coming and I think those are near term and we’re not ready for them,” said Army Gen. Keith Alexander. Alexander is also the outgoing director of the National Security Agency.
Alexander told congressmen that the Cyber Command’s 1,100 employees are making progress but are still not ready for a major assault. Alexander said that attackers are changing plans from short term disruptions to attacks that would cause long lasting damage to critical systems including destruction of machines.
The most major concerns are attacks on the nation’s power supplies or economic systems. As an example, Alexander mentioned the harm that could be caused should a hacker break into the New York Stock Exchange and destroy their systems.
“While we have increased our own cyber capabilities, the worldwide cyber threat is growing in scale and sophistication, with an increasing number of state and non-state actors targeting U.S. networks on a daily basis,” Admiral Cecil Haney of the U.S. Strategic Command told Congress.
A new report released by Oklahoma Senator Tom Coburn is showing some shocking revelations about the security of Federal agencies, databases and websites.
The report found that almost 40 percent of breaches in security go undetected by security officials and systems.
“[The report] highlights serious vulnerabilities in the government’s efforts to protect its own civilian computers and networks,” Coburn said.
The report shows that nearly every agency has faced some kind of undetected event from the U.S. Copyright Office to the Department of Homeland Security. Even agencies that don’t seem to be major targets like the National Weather Service or NASA faced major breaches.
An example of one attack was hackers breaking into the national Emergency Alert System in February 2013 sending out a “Zombie Attack Warning” in Midwestern states.
“Civil authorities in your area have reported the bodies of the dead are rising from their graves and attacking the living,” the hackers sent out before being cut off. “Do not attempt to approach or apprehend these bodies as they are considered extremely dangerous.”
The report says that hackers could enter databases regarding U.S. dams that showed which were the weakest or had security problems making them vulnerable to attack. One of the hackers obtained the technology map running the New York Stock Exchange.
The report was based on studies from 40 different audits.
A new report exposes a piece of equipment used by the National Security Agency that allows operatives to break into computers from as far as eight miles away using WiFi technology.
The device, called NIGHTSTAND, allows the NSA to place viruses and other software on computers that use Microsoft operating systems. The system works using WiFi signals and would be completely undetectable by the computer’s users.
The project was just one of several NSA programs that were exposed in the German magazine Der Spiegel from leaks given out by NSA leaker Edward Snowden.
DEITYBOUNCE was a program designed to hack into Dell servers through an exploit in the motherboard. IRONCHEF would allow two way communications between the devices.
A program called IRATEMONK was created to hack the boot programs on drives from multiple hardware manufacturers like Western Digital, Seagate, Maxtor and Samsung.