Critical Read

CRS scrutinizes the OPM breach

Shutterstock image: breached lock.

What: "Cyber Intrusion into U.S. Office of Personnel Management: In Brief," a Congressional Research Service report.

Why: In its typically thorough fashion, CRS recaps the discovery, announcement and reaction to the breach of the personnel database at OPM. Nothing new is revealed, but the story is well organized to meet the needs of CRS’s first audience – Congress – and serves as a useful backgrounder for others looking for a quick yet detailed review of the circumstances surrounding the breach.

The report includes a wrap up of what data was exposed, and reminds readers that "the two breaches revealed in June 2015 are not the first incidents targeting OPM databases containing such sensitive information."

CRS also delves into who might be responsible, with a strong focus on China, but notes that "criminal charges appear to be unlikely."

The report also provides a rundown of possible legislative responses, and suggests questions that lawmakers need to answer, such as: "Are the current authorities and requirements under FISMA sufficient, if fully implemented, to protect federal systems from future intrusions such as the most recent OPM intrusions? If not, what changes are needed to sufficiently reduce the level of risk?"

Verbatim: "Some in the national security community have compared the potential damage of the OPM breaches to U.S. interests to that caused by Edward Snowden's leaks of classified information from the National Security Agency. Yet the potential exists for damage beyond mere theft of classified information, including data manipulation or misinformation. While there is no evidence to suggest that this has happened, hackers would have had the ability, some say, while in U.S. systems to alter personnel files and create fictitious ones that would have gone undetected as far back as 2012."

Full report: Read the CRS report here.

About the Author

John Bicknell is a former executive editor of FCW, and the author of America 1844: Religious Fervor, Westward Expansion, and the Presidential Election That Transformed the Nation.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.