Critical Read

CRS scrutinizes the OPM breach

Shutterstock image: breached lock.

What: "Cyber Intrusion into U.S. Office of Personnel Management: In Brief," a Congressional Research Service report.

Why: In its typically thorough fashion, CRS recaps the discovery, announcement and reaction to the breach of the personnel database at OPM. Nothing new is revealed, but the story is well organized to meet the needs of CRS’s first audience – Congress – and serves as a useful backgrounder for others looking for a quick yet detailed review of the circumstances surrounding the breach.

The report includes a wrap up of what data was exposed, and reminds readers that "the two breaches revealed in June 2015 are not the first incidents targeting OPM databases containing such sensitive information."

CRS also delves into who might be responsible, with a strong focus on China, but notes that "criminal charges appear to be unlikely."

The report also provides a rundown of possible legislative responses, and suggests questions that lawmakers need to answer, such as: "Are the current authorities and requirements under FISMA sufficient, if fully implemented, to protect federal systems from future intrusions such as the most recent OPM intrusions? If not, what changes are needed to sufficiently reduce the level of risk?"

Verbatim: "Some in the national security community have compared the potential damage of the OPM breaches to U.S. interests to that caused by Edward Snowden's leaks of classified information from the National Security Agency. Yet the potential exists for damage beyond mere theft of classified information, including data manipulation or misinformation. While there is no evidence to suggest that this has happened, hackers would have had the ability, some say, while in U.S. systems to alter personnel files and create fictitious ones that would have gone undetected as far back as 2012."

Full report: Read the CRS report here.

About the Author

John Bicknell is a former executive editor of FCW, and the author of America 1844: Religious Fervor, Westward Expansion, and the Presidential Election That Transformed the Nation.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.