After OPM hack, CIA pulls agents from Beijing for their safety




#2

Surveillance, profiling, databases.
Enjoy the taste of your own medicine.


#3

“It’s only wrong when other countries do it. Because 'murica.”

— Every US Politician


#4

The biggest surprise from this story for me was that 1 in 15 Americans have applied for a security clearance.


#5

Silly spooks! Don’t they know that karma is circular?


#6

Of course, y’know, the OPM breach wouldn’t have happened if only everyone in the 'States had let the FBI/CIA/NSA read their email.


#7

At least Clapper admitted that copying the OPM trove was legitimate espionage; the 2011 White House cybersecurity statement was summarized by an unnamed military official as: “If you shut down our power grid, maybe we will put a missile down one of your smokestacks.”


#8

There’s a variation on that idea:

From “Outside perspectives on the Department of Defense cyber strategy” by Richard Bejtlich:

...the administration should develop the capability to take asymmetric actions that target adversary core interests, but in a way that leverages our strengths against their weaknesses. For example, in the case of China, the so-called Great Firewall is an important target. The Chinese government uses its Great Firewall to censor content it considers to be a threat to the Chinese Communist Party’s control of the country. The New York Times published a story in early August describing how the administration was considering taking steps to undermine the Great Firewall as a response to the Office of Personnel Management breach.

And another, different take on messing with China’s stuff from “Retaliating against China’s Great Firewall” by Adam Segal:

Even if this is an old idea that is seeing new light, it is hard to see how it would deter future Chinese attacks, if only because Beijing appears to believe that the United States is already using the Internet to undermine domestic stability and regime legitimacy.

#9

I’d say that it’s fair-ish. There’s not much difference in the outcome if the transformer gets hit by a missile vs. if it is made to blow up via SCADA shenanigans.

But the response has to be carefully measured, and there has to be awareness that cyber-attacks can be very easily made as a false flag, and some laughing third party could be playing the military might of another country like a violin.


#10

The line between espionage and war is fuzzy, but one should think really hard before crossing it (true for both the acting and reacting party).

[see also War on Foo for a similar fine line between warfare and policing]


#11

If you’re interested, the article I quoted above speaks directly to the attribution of hacks:

Consider the difference between “high” and “low” attribution capabilities. I define high attribution capabilities as the integration of technical and political analysis to detect and identify digital adversaries. Those lacking this skill are said to have “low” attribution capabilities. For an example of “high-high” attribution, imagine the US and Russia. For “high-low,” imagine the US and China. For “low-low,” imagine Vietnam and China. One way to measure attribution capabilities is to watch for private sector companies in the country of interest who can release high-quality security reports. In the US, we have Mandiant and others. In Russia, Kaspersky. In China, Qihoo-360 is a rising star. None come to mind for Vietnam, for example.

tl;dr: attribution is easier to do in places like America and Germany, but it’s a lot more difficult in places like Iran and Vietnam for various reasons.


#12

In the wake of the breach, the CIA pulled its officers from the Beijing office

Sounds like Mission Accomplished.


#13

Remaining personnel: One secretary, two janitors.


#14

I am skeptical of the officially reported story. As is so often the case, though so rarely reported, intelligence & counterintelligence is not as it appears in the news.

  1. There is this story: http://arstechnica.com/security/2015/08/china-and-russia-cross-referencing-opm-data-other-hacks-to-out-us-spies/

There seems some merit to that. Why does this matter? If China was behind the OPM attack, then they surely would never share that data so quickly with Russia. Which gives a few possibilities… the sources were bogus, didn’t or don’t know… or was official, they are fishing…or Russia is deep in China’s systems and intelligence circles… or was a joint Russian-China endeavor, which is extremely unlikely. Or, it wasn’t even Russia and China. There are a number of other possibilities, here, but to me, above all, this says there is not the confidence “it was China” they are pretending it is.

  2. The OPM hack, itself, does not exactly speak of these guys being on the ball, in the first place. If they are really so wired into Chinese intelligence, they would have known about these hacks (really, do not forget, in the plural) to begin with.

I understand that the public has seen the ex-head of OPM tarred and feathered. The scapegoat was sent out, and all error with her. But, is this really where the full blame should lie? Consider: OPM is on the side of a hollowed out mountain and every day has incoming, highly classified traffic from every government organization which has classified employees and contractors. Which is a lot of organizations.

That is, this was far from “just OPM’s jurisdiction and responsibility”. Every one of those organizations had a vested interest in their security.

End of the day, those 20 million some odd workers did not trust “OPM” with their sensitive data. They trusted the US Government. They trusted the organization they were working with. And every single day, probably, they are surely reminded in one way or another, their trust was deeply misplaced.

Summary: Consider that this pull out could be simply another empty gesture. It is a strong move, but one where no evidence is provided. China very well may be seeing this as deeply offensive and duplicitous, if, indeed, they ‘really did not do it’. But, most will buy into the story given, and this sort of ‘evidence’ that ‘China did it’.

Be skeptical.


#15

Strangely enough, we didn’t see this sort of action after the Snowden leaks despite the fact that the various political lackeys, pundits and alarmist clowns tried to convince the public that the leaks were “dangerous” and gravely harmed national security.

I’m beginning to think that just maybe Clapper and his ilk are full of shit. Nah… no way…


#16

The expression reminds me of someone. Is this Grumpy Crap?

And the comparison to Snowden is a good one, maybe the political lackeys, pundits and alarmist clowns felt they had to play with the traitor! angle?


#17

The security sector of the American economy (both private and public) has grown exponentially since the beginning of the war on terror. I’d guess that people working for private contractors often also have to get security clearance, which would explain the numbers.


#18

That is just breathtaking in its affected idiocy.


#19

Then I suppose 1 in 15 people having applied for government security clearance isn’t odd? Ok. Sure thing.
Still seems a bit much to me.


#20

I have coworkers who got them, and this was only because we handle the disks after a data spill. They don’t actually see or have user permissions to the data, but since they pull the drives, drop them through the magnets, put them in the destroy bin and, well, basically have physical access to the data, they have to have one.
I declined 'cause, one, I already have enough of a record 'cause my grandfather did troubleshooting intel work (and there is some stuff I am sure he never told anyone about), and I think that’s enough. Also, I just don’t want the headache of having to remember what I can/can’t talk about outside of work; too old for that crap.