Archives for 

Government Intelligence

U.S. Government OPS Breach: 5.6 million fingerprints of Federal workers were stolen

United States - Personnel ManagementThe Office of Personnel Management and the Department of Defense are analyzing a data breach which has resulted in stealing of around 5.6 million fingerprint records of federal workers. Initial reports put the number at 4.5 million, however the latest report released on Wednesday 23rd September suggests that the number is as high as 5.6 million.

WIRED contacted the OPM asking for details of which of fed employees’ fingerprints were stolen; but they still haven’t received any response. The hack was discovered a few months ago and the data pertains to security clearances for past several years. Although there has been no official statement about who the hackers could be, privately it has been acknowledged by the US government officials that the act was perpetrated by either Chinese hackers or hackers backed by the Chinese government.

Chinese President Xi Jinping is in the United States and is scheduled to meet US President Barack Obama. Obama has recently stated that cyber threats posed by Chinese governments or the hackers backed by it is “an act of aggression that has to stop.” President Obama’s meeting with President Jinping will include addressing the issue of cyber security.

On Wednesday Josh Earnest the White House Spokesperson said that the investigations are still underway and currently the investigators do not “have any conclusions to share publically about who may or may not have been responsible.” The figure of 5.6 million could also be inconclusive as the attack could have affected over 21.5 million fed employees as stated earlier by OPM. OPM had confirmed that the victims of the attack were military and intelligence employees who had security clearances and the attack had its origin in China.

OPM said in a statement on its website, “During that process, OPM and [the Department of Defense] identified archived records containing additional fingerprint data not previously analyzed. Of the 21.5 million individuals whose Social Security Numbers and other sensitive information were impacted by the breach, the subset of individuals whose fingerprints have been stolen has increased from a total of approximately 1.1 million to approximately 5.6 million.”

OPM will be dispatching letters to all the victims and has offered them free credit monitoring. OPM also stated that the stolen data is not a major threat since the misuse of it is highly unlikely due to various limitations. It further said that “An interagency working group with expertise in this area … will review the potential ways adversaries could misuse fingerprint data now and in the future”.

The OPM statement further added that if new technology is developed in future to misuse the stolen fingerprints, more information will be provided to the fed employees whose fingerprints have been stolen.

Share Button

Blue Termite – An APT with sophisticated Cyber Espionage campaign targeting Japan

An Advanced Persistent Threat termed Blue Termite has targeted several Japanese companies since November 2013. Antivirus major Kaspersky Lab started working on the APT in the month of October 2014. Although the instance is not unprecedented, it is the first time that an APT has targeted Japanese companies that have their Client to Server (C2S) […]
Share Button
Continue reading →

3 Key Take Away’s from RSA Conference 2014 – San Francisco for CISOs and Security Enthusiasts

Author : Arun Hegde , Security Architect @arun25 Here is a quick summary about my experience at RSA Conference 2014 – San Francisco last month  Highlights of RSA 2014 : Some of the highlights at this year at RSA was cloud security, mobile security ( specially for enterprise), more companies providing SIEM solutions  and lot of new […]
Share Button
Continue reading →

EC-Council, Security Certification Group website hacked and defaced

“Although EC-Council has been respected by corporations and governments, many in the in the security community don’t agree the way they certify and considered it as useless certification ”  Analysts predict that Passports of more than 60,000 US military and government IT professionals at risk Hacker went by the name of Eugene Belford, claims to […]
Share Button
Continue reading →

Indian Intelligence for internet surveillance will be called ‘NETRA’ ( by DRDO)

NETRA means eye in “Hindi” language, will be soon launched by the Indian government for monitoring the internet traffic entering and leaving the country. NETRA will be Indian  Intelligence for internet surveillance equivalent to PRISM in the US or GCHQ in the UK. Indian Center of Artificial Intelligence and Robotics (CAIR), a lab branched under Department of […]
Share Button
Continue reading →