Information Warfare: Why America Remains Vulnerable To China

Archives

July 9, 2015:   In June the United States revealed that there had been a major hack of U.S. government personnel databases earlier in the year. The U.S. openly named China as the chief suspect and admitted that the hackers made off with government databases containing  personal information on nearly twenty million government employees (active and retired.) This included data collected for people applying for security clearances.

The most embarrassing aspect of this incident was the revelations of how incompetent were the officials in charge of Internet security for this data. The key officials had apparently ignored years of warnings by technical personnel (both inside and outside the government) about the urgent need to do something about some very fundamental security problems. It turned out that most of the senior appointed officials didn’t understand what they were dealing with and a lot of the advice and criticism from people who did was largely ignored because it was simply not understood. This is not a new problem but it has become more common in the last few decades as new technology has become so crucial in so many areas. At the same time senior management in many firms has not adapted to these changes and all too often ignores serious problems or delegates them to subordinates who really don’t have the authority or management skills to implement changes. This is a major part of what caused the 2008 financial crises and there are warnings that another such disaster is brewing and there is still not a lot of attention being paid at the top.

The core problem for the government is that these senior Internet security positions are considered “political appointments” and even in highly technical areas the main criteria for selection remain political, not technical or managerial. Few people in government want to confront this issue openly.

This came be seen in the U.S. government response to this latest Internet security disaster. So far the official response of the American government is “full confidence” in the senior officials who presided over this epic debacle and pronouncements from these officials does not indicate any realization of what they did or, rather, did not do.

Meanwhile China has officially denied any involvement. Hackers can use this stolen information for various types of online larceny, or espionage or both. What is particularly worrisome (and making China more likely the culprit) is the fact that none of that data has shown up on the Internet black market. Aside from Internet based fraud, the other major use of that data is espionage.

 

 

X

ad

Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contributions. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   Contribute   Close