(NationalSecurity.news) Spy services in a number of foreign countries, especially Russia and China, are busy cross-indexing hacked U.S. computer databases, including those containing security clearance applications, airline records and medical insurance forms, in order to identify U.S. intelligence officers, officials have told the Los Angeles Times.
At least one undercover network of U.S. engineers and scientists who provide technical help to American clandestine operatives and agents working in foreign countries has already been compromised as a result, two U.S. officials told the paper.
In the wake of a massive hack of tens of millions of current and former U.S. government employee records at the Office of Personnel Management (OPM) – which many analysts have attributed to hackers in China – the Obama Administration has rushed to improve cyberdefenses for federal agencies and critical infrastructure. The efforts come amid ongoing attempts by foreign powers to hack government sites and email systems, social media accounts and, importantly, financial data, medical records and other personal information on millions of American citizens, the Times noted.
U.S. counterintelligence officials told the paper that their adversaries are combining stolen data files and then using sophisticated software in a bid to isolate clues that could be used to both identify and track – or worse, blackmail and recruit – U.S. intelligence operatives.
Digital analysis can reveal “who is an intelligence officer, who travels where, when, who’s got financial difficulties, who’s got medical issues, [to] put together a common picture,” William Evanina, the top U.S. counterintelligence official for the U.S. intelligence community, told the paper.
When he was asked whether or not adversaries had already used such information against American operatives, he stated flatly, “Absolutely.”
While Evanina would not say which nations were involved, other U.S. officials told the Times on condition of anonymity that Russia and China are both collecting and scrutinizing sensitive U.S. computer files to bolster their counterintelligence efforts.
And while the U.S. has ongoing counterintelligence operations against both of those nations, it’s not clear whether American hackers have penetrated foreign personnel databases.
Also, Moscow and Beijing frequently work in tandem with criminal hackers and private firms to hack sensitive U.S. data systems instead of stealing the data themselves, a tactic that limits clear targets for U.S. retaliation.
In recent days, the Obama Administration marked a notable exception to its retaliation rule when it killed the British-born leader of the “Cyber Caliphate” with a drone strike near Raqqah, Syria. The hacking group belonging to the Islamic State of Iraq and Syria has aggressively sought to persuade sympathizers to launch “lone wolf” attacks in the U.S. and elsewhere.
The Times further reported on the hacker leader:
Junaid Hussain had posted names, addresses and photos of about 1,300 U.S. military and other officials on Twitter and the Internet, and urged his followers to find and kill them, according to U.S. officials. They said he also had been in contact with one of the two heavily armed attackers killed in May outside a prophet Muhammad cartoon contest in Garland, Texas. Hussain is the first known hacker targeted by a U.S. drone.
In addition to concerns over the suspected Chinese hack of the OPM, Pentagon officials are also poring over the leaked list of clients – and their sexual preferences – from the Ashley Madison marital cheating website to identify service members who may have violated Defense Department rules against infidelity and are thus vulnerable to extortion by foreign intelligence agents.
“A foreign spy agency now has the ability to cross-check who has a security clearance, via the OPM breach, with who was cheating on their wife via the Ashley Madison breach, and thus identify someone to target for blackmail,” Peter W. Singer, a fellow at the nonprofit New America Foundation in Washington and coauthor of the book Cybersecurity and Cyberwar, told the Times.
In addition to the OPM breach, U.S. intelligence officials say there is evidence that China’s Ministry of State Security is combining medical data stolen in January from U.S. health insurance giant Anthem with passenger records taken from United Airlines servers in May.
Publicly, the Obama Administration has refrained from blaming China directly, but privately, officials admit that evidence points to Beijing as being culpable, the Times reported.
Defense Secretary Ashton Carter said the U.S. needs to dramatically improve its cyberdefense capabilities because the military is so dependent upon data systems.
“We’re not doing as well as we need to do in job one in cyber, which is defending our own networks,” Carter said. “Our military is dependent upon and empowered by networks for its effective operations…. We have to be better at network defense than we are now.”