What we can learn from the OPM Security Breach - MissionMode

Extensive Government Security Breach Proves All Are Vulnerable

We are led to believe that the U.S. government is ultra secure because it has some of the best protection in the world. Apparently, our cyber protection is not as perfect as we imagined since the Office of Personnel Management (OPM) recently had two major breaches of personal security. Officials from the OPM have commented with only extremely vague communication about the incident publicly, and on July 10th, Katherine Archuleta announced her resignation as the head of the OPM. At MissionMode, we believe that any business can learn from this incident to improve their own disaster recovery plans as soon as possible.

Full Extent of the Hack

One of the scariest parts of the OPM security breach is that the authorities have no idea just how much information was exposed. It was originally reported that the records of around 3.2 million federal employees (current and retired) were revealed. It was later estimated that this number was closer to 22.1 million people affected, both in and outside the government. Regardless of the number, the fact remains the personal information of millions is now in the hands of a foreign government or group. Rumors are swarming around who could be behind this cyber-attack, and while many fingers have been pointed, much evidence points to “Deep Panda” a Chinese cyber-espionage group. The Obama administration is being cautious about naming the Chinese as the perpetrators of this attack which may do incalculable damage to U.S. intelligence. Currently we need to deal with the crisis at hand and recognize that a security breach this impactful is the result of long-term negligence.

Immediate Response

The Obama administration immediately ordered a 30-day Cybersecurity Sprint following the attack. This means that agencies were required to perform testing and patch any possible holes in security. Despite the fact that the damage had already been done, the hope is that these tests will prevent any major security breaches in the future. The testing revealed that security had become quite relaxed over the past few years, especially in the OPM department. This made the breach much easier for the cyber-attackers since it allowed them even deeper access into the system via these improperly secured systems. Unfortunately, the federal employees affected haven’t been treated very well following the breach. Customer service wait times were ridiculous and unresponsive. Many notifications alerting government employees, never even reached the proper recipients.

Why Us?

The weaknesses in the security system that this breach uncovered didn’t develop overnight, but rather over the course of many years of complacency. Government agencies make sure their security meets specific regulations, but then they don’t thoroughly check to see if the system is truly secure. This type of security check covers the basics, and all the likely ways that the system could be hacked, but it does not cover unique, unlikely attacks, such as the OPM hack. It is the unknowns that the security needs to prepare for, not the knowns.

How to Use this Information

In today’s reality, crises can still hit even the most prepared companies. It’s not a question of “if” but rather “when” a company will fall victim to a breach, therefore a disaster recovery system needs to be in place. At MissionMode we understand this constant threat to security. Our solutions help you be prepared to handle any situation that arises and to ensure that you and your business are never caught off-guard. To learn more about how to stay prepared, please call us at 877-833-7763 or contact us online for more information.