One of San Diego’s top security experts believes the motivation behind the massive security breach of U.S. government employee data is not money, but rather something more complex and possibly devious.
As of Thursday evening, officials suspect Chinese hackers are responsible for the hack that compromised the private information of more than 4 million federal government employees. Government officials say this hack could be the biggest cyberattack in U.S. history.
“It isn’t about ‘I have your bank account, I’m going to steal your money.’ It’s about knowing what the [U.S. government] is, who’s doing what, who’s going where and how it will respond to things,” said Eric Frost, Ph.D. Frost is the director of San Diego State University’s Homeland Security Graduate Program.
“It’s not for financial gain if it is indeed Chinese hackers,” he said. “The biggest thing is they now have the patterns through time of an enormous amount of things in the U.S. that we wish they didn’t know.”
The Department of Homeland Security said in a statement that data from the Office of Personnel Management — the human resources department for the federal government — and the Interior Department had been compromised.
The big question Frost believes should be asked at this time is: How long have these hackers been in OPM? The office conducts background checks for security clearances. In fact, it conducts more than 90 percent of federal background investigations, according to its website.
“Have [the hackers] been in there one month? More likely, three years? The greatest value of hacking somebody is when you’re inside and the person doesn’t know,” explained Frost.
EINSTEIN, an intrusion detection system that screens federal Internet traffic to identify potential cyberthreats, identified the hack, according to DHS officials.
However, it's not clear why EINSTEIN didn't detect what was happening until the hackers had copied and removed so many files.