More and more theft of personal information enabling identity theft. Yet the mindless politicians and government bureaucrats continue to encourage more and more Wi-Fi and internet usage without providing or requiring informed consent for use of their personal private information to the users of this technology. It is not only a problem of a dumbed down population but a dumbed down government.
[From article]
The Office of Personnel Management announced last week that the personal data for 21.5 million people had been stolen. But for national security professionals and cybersecurity experts, the more troubling issue is the theft of 1.1 million fingerprints.
Much of their concern rests with the permanent nature of fingerprints and the uncertainty about just how the hackers intend to use them. Unlike a Social Security number, address, or password, fingerprints cannot be changed—once they are hacked, they're hacked for good. And government officials have less understanding about what adversaries could do or want to do with fingerprints, a knowledge gap that undergirds just how frightening many view the mass lifting of them from OPM.
"It's probably the biggest counterintelligence threat in my lifetime," said Jim Penrose, former chief of the Operational Discovery Center at the National Security Agency and now an executive vice president at the cybersecurity company Darktrace. "There's no situation we've had like this before, the compromise of our fingerprints. And it doesn't have any easy remedy or fix in the world of intelligence."
Much of their concern rests with the permanent nature of fingerprints and the uncertainty about just how the hackers intend to use them. Unlike a Social Security number, address, or password, fingerprints cannot be changed—once they are hacked, they're hacked for good. And government officials have less understanding about what adversaries could do or want to do with fingerprints, a knowledge gap that undergirds just how frightening many view the mass lifting of them from OPM.
"It's probably the biggest counterintelligence threat in my lifetime," said Jim Penrose, former chief of the Operational Discovery Center at the National Security Agency and now an executive vice president at the cybersecurity company Darktrace. "There's no situation we've had like this before, the compromise of our fingerprints. And it doesn't have any easy remedy or fix in the world of intelligence."
[. . .]
Questions also remain about what the ultimate goal of the OPM hackers is, and the administration so far continues to refuse to publicly blame China for the intrusion. Some have likened the breach to an enormous surveillance operation, one that Beijing conducted in order to build databases on the ins and out of the U.S. government and to potentially coerce, blackmail, or bribe officials into divulging closely guarded secrets.
Whatever the motives, the stolen fingerprints are viewed as a uniquely important and unprecedented data heist—one that could reap huge rewards for the hackers for decades to come.
Whatever the motives, the stolen fingerprints are viewed as a uniquely important and unprecedented data heist—one that could reap huge rewards for the hackers for decades to come.
[. . .]
Part of the worry, cybersecurity experts say, is that fingerprints are part of an exploding field of biometric data, which the government is increasingly getting in the business of collecting and storing. Fingerprints today are used to run background checks, verify identities at borders, and unlock smartphones, but the technology is expected to boom in the coming decades in both the public and private sectors."There's a big concern [with the OPM hack] not because of how much we're using fingerprints currently, but how we're going to expand using the technology in the next 5-10 years," said Robert Lee, cofounder of Dragos Security, which develops cybersecurity software.
[. . .]
Also problematic is that there is "no way to reissue a fingerprint," Lee said, meaning that once a set is in the hands of a foreign adversary they are vulnerable as long as that person is working in government.
That reality could create a squeeze on government for decades to come, as agencies may be forced to forgo fingerprints for things like two-factor authentication and instead rely on another biometric, such as facial recognition or iris scans. But those could also someday be hacked, as the OPM hack showed that just about anything stored in a government database can be up for grabs.
That reality could create a squeeze on government for decades to come, as agencies may be forced to forgo fingerprints for things like two-factor authentication and instead rely on another biometric, such as facial recognition or iris scans. But those could also someday be hacked, as the OPM hack showed that just about anything stored in a government database can be up for grabs.
[. . .]
But fingerprints are likely only going to grow in importance for the government in the coming years, he said, and that is true for hackers, too.
"You never know down the line where we are going to use the fingerprints," Kesanupalli said.
Penrose, the former NSA official, also speculated that most of the stolen fingerprints were likely digital scans and not the older ink-based records, which may suggest that the bulk of the prints belong to active or recent employees.
"You never know down the line where we are going to use the fingerprints," Kesanupalli said.
Penrose, the former NSA official, also speculated that most of the stolen fingerprints were likely digital scans and not the older ink-based records, which may suggest that the bulk of the prints belong to active or recent employees.
http://www.nationaljournal.com/tech/opm-hack-fingerprints-china-20150714
How Much Damage Can the OPM Hackers Do With a Million Fingerprints?
The pilfering of 1.1 million fingerprints is “probably the biggest counterintelligence threat in my lifetime,” one former NSA official said.
BY DUSTIN VOLZ
How Much Damage Can the OPM Hackers Do With a Million Fingerprints?
The pilfering of 1.1 million fingerprints is “probably the biggest counterintelligence threat in my lifetime,” one former NSA official said.
BY DUSTIN VOLZ
July 14, 2015
No comments:
Post a Comment