What China has Been Doing With the Data it Stole From the Federal Government’s Personnel Files
In late 2013 – and perhaps even well before then – hackers broke into the computer systems at the federal government’s Office of Personnel Management and began a months-long espionage operation in which millions of sensitive personnel files were stolen.
The likely culprit: China. The reason? We’re beginning to discover why:
During the OPM breach, Chinese hackers stole detailed, often highly sensitive personnel data from 21.5 million current and former U.S. officials, their spouses, and job applicants, including health, residency, employment, fingerprint, and financial data. In some cases, details from background investigations tied to the granting of security clearances — investigations that can delve deeply into individuals’ mental health records, their sexual histories and proclivities, and whether a person’s relatives abroad may be subject to government blackmail — were stolen as well….
When paired with travel details and other purloined data, information from the OPM breach likely provided Chinese intelligence potent clues about unusual behavior patterns, biographical information, or career milestones that marked individuals as likely U.S. spies, officials say. Now, these officials feared, China could search for when suspected U.S. spies were in certain locations — and potentially also meeting secretly with their Chinese sources. China “collects bulk personal data to help it track dissidents or other perceived enemies of China around the world,” Evanina, the top U.S. counterintelligence official, said.
It was old fashioned spy v. spy stuff, but on an immense scale that shows how incredibly valuable digital data is to government intelligence agencies:
But after the OPM breach, anomalies began to multiply. In 2012, senior U.S. spy hunters began to puzzle over some “head-scratchers”: In a few cases, spouses of U.S. officials whose sensitive work should have been difficult to discern were being approached by Chinese and Russian intelligence operatives abroad, according to the former counterintelligence executive. In one case, Chinese operatives tried to harass and entrap a U.S. official’s wife while she accompanied her children on a school field trip to China. “The MO is that, usually at the end of the trip, the lightbulb goes on [and the foreign intelligence service identifies potential persons of interest]. But these were from day one, from the airport onward,” the former official said.
Worries about what the Chinese now knew precipitated an intelligence community-wide damage assessment surrounding the OPM and other hacks, recalled Douglas Wise, a former senior CIA official who served deputy director of the Defense Intelligence Agency from 2014 to 2016. Some worried that China might have purposefully secretly altered data in individuals’ OPM files to later use as leverage in recruitment attempts. Officials also believed that the Chinese might sift through the OPM data to try and craft the most ideal profiles for Chinese intelligence assets seeking to infiltrate the U.S. government — since they now had granular knowledge of what the U.S. government looked for, and what it didn’t, while considering applicants for sensitive positions. U.S. intelligence agencies altered their screening procedures to anticipate new, more finely tuned Chinese attempts at human spying, Wise said.
All of this makes the recent hack of government and business computers –presumably by Russian intelligence operatives – is all the more troubling.
The new endless wars are as big a threat to freedom as the old endless wars. But rather than a physical battlefield, they are happening online, 24/7/365.