Bonum Certa Men Certa

Office of Personnel Management (OPM) and Microsoft Windows

Server



Summary: A look at lesser-explored aspects of the so-called OPN hack [sic], especially the systems involved

IN AN EFFORT to understand what repeatedly happened in the undoubtedly significant Office of Personnel Management (OPM) data breach/es [2-8], leaving aside the lack of concrete evidence of Chinese role [1], we tried to understand which platform was to blame. In the case of Sony it was reportedly a Microsoft Windows machine acting as the culprit or attack vector, just like Stuxnet in Iran with similar attempts against North Korea (there are still more articles about it).



"Hundreds of millions of credit card numbers got snatched from Windows."NSA leaks were due to Microsoft SharePoint (Snowden gained access to the so-called 'crown jewels'). As we last noted in an article about words from Kaspersky (still in headlines for it [9-12]), Windows is inherently not secure. Commercial targets of data breached that we wrote about before serve to show this. We gave readers a lot of examples over the years. Hundreds of millions of credit card numbers got snatched from Windows. the cost was enormous, but the role of Windows wasn't ever emphasised in the corporate press.

Rebecca Abrahams published an article co-authored by Dr. Stephen Bryen, Founder & CTO of FortressFone Technologies. Unlike many other articles which point a finger at China (with little to actually back this accusation with), Abrahams does call out Windows and sheds light on what OPM uses:

Second, the government is very slow to improve security on its computers and networks. Many of the computers the government is using are antique. For example OPM still has 12-year old Windows XT as an operating system for its computers. Microsoft no longer supports XT and any vulnerability that develops is the problem of the user, not of the supplier. But even if the old stuff was upgraded it won't help much because the systems are really clumsy amalgams of disparate parts which as a "system," have never been properly vetted for security.


So there we go. Windows. We're hardly surprised to say the least. The author probably means NT or XP (14 years old, not 12, unlike Server 2003), but does it matter much? Any version of Windows, no matter how old, is not secure. It's not even designed to be secure.

Related/contextual items from the news:


  1. US wronging of China for cyber breaches harm mutual trust
    Out of ulterior motives, some US media and politicians have developed a habit of scapegoating China for any alleged cyber attack on the United States. Such groundless accusations would surely harm mutual trust between the two big powers of today’s world.


  2. The Massive Hack on US Personnel Agency is Worse Than Everyone Thought
    Last week, the human resources arm of the US government, the Office of Personnel Management (OPM) admitted that it had been victim of a massive data breach, where hackers stole personal data belonging to as many as 4 million government workers.


  3. Feds Who Didn't Even Discover The OPM Hack Themselves, Still Say We Should Give Them Cybersecurity Powers
    We already described how the recent hack into the US federal government's Office of Personnel Management (OPM) appears to be much more serious than was initially reported. The hack, likely by Chinese state hackers, appear to have obtained basically detailed personal info on all current and many former federal government employees.


  4. China-linked hackers get data on CIA, NSA personnel with security-clearance: report
    China-linked hackers appear to have gained access to sensitive background information submitted by US intelligence and military personnel for security clearances that could potentially expose them to blackmail, the Associated Press reported on Friday.

    In a report citing several US officials, the news agency said that data on nearly all of the millions of US security-clearance holders, including the Central Intelligence Agency (CIA), National Security Agency (NSA) and military special operations personnel, were potentially exposed in the attack on the Office of Personnel Management (OPM).


  5. Second OPM Hack Revealed: Even Worse Than The First
    And yet... this is the same federal government telling us that it wants more access to everyone else's data to "protect" us from "cybersecurity threats" -- and that encryption is bad? Yikes.


  6. Dossiers on US spies, military snatched in 'SECOND govt data leak'


    A second data breach at the US Office of Personnel Management has compromised even more sensitive information about government employees than the first breach that was revealed earlier this week, sources claim. It's possible at least 14 million Americans have chapter and verse on their lives leaked, we're told.

    The Associated Press reports that hackers with close ties to China are believed to have obtained extensive background information on intelligence-linked government staffers – from CIA agents and NSA spies to military special ops – who have applied for security clearances.

    Among the records believed to have leaked from a compromised database are copies of Standard Form 86 [PDF], a questionnaire that is given to anyone who applies for a national security position, and is typically verified via interviews and background checks.
  7. Officials: Second hack exposed military and intel data
  8. Senate Quickly Says 'No Way' To Mitch McConnell's Cynical Ploy To Add Bogus Cybersecurity Bill To NDAA
    Earlier this week, we noted that Senator Mitch McConnell, hot off of his huge flop in trying to preserve the NSA's surveillance powers, had promised to insert the dangerous "cybersecurity" bill CISA directly into the NDAA (National Defense Authorization Act). As we discussed, while many have long suspected that CISA (and CISPA before it) were surveillance bills draped in "cybersecurity" clothing, the recent Snowden revelations that the NSA is using Section 702 "upstream" collection for "cybersecurity" issues revealed how CISA would massively expand the NSA's ability to warrantlessly wiretap Americans' communications.


  9. “Don’t Hack Me! That’s a Bad Idea,” Says Eugene Kaspersky to APT Groups


  10. Russian Software Security Lab Hacked, Indirectly Links Attack To NSA
  11. Israel, NSA May Have Hacked Antivirus Firm Kaspersky Lab
    Moscow-based antivirus firm Kaspersky Lab, famous for uncovering state-sponsored cyberattacks, today dropped its biggest bombshell yet: Its own computer networks were hit by state-sponsored hackers, probably working for Israeli intelligence or the U.S. National Security Agency. The same malware also attacked hotels that hosted ongoing top-level negotiations to curb Iran's nuclear program.


  12. Protocols of the Hackers of Zion?
    When Israeli Prime Minister Benjamin Netanyahu met with Google chairman Eric Schmidt on Tuesday afternoon, he boasted about Israel’s “robust hi-tech and cyber industries.” According to The Jerusalem Post, “Netanyahu also noted that ‘Israel was making great efforts to diversify the markets with which it is trading in the technological field.'”

    Just how diversified and developed Israeli hi-tech innovation has become was revealed the very next morning, when the Russian cyber-security firm Kaspersky Labs, which claims more than 400 million users internationally, announced that sophisticated spyware with the hallmarks of Israeli origin (although no country was explicitly identified) had targeted three European hotels that had been venues for negotiations over Iran’s nuclear program.

    Wednesday’s Wall Street Journal, one of the first news sources to break the story, reported that Kaspersky itself had been hacked by malware whose code was remarkably similar to that of a virus attributed to Israel. Code-named “Duqu” because it used the letters DQ in the names of the files it created, the malware had first been detected in 2011. On Thursday, Symantec, another cyber-security firm, announced it too had discovered Duqu 2 on its global network, striking undisclosed telecommunication sites in Europe, North Africa, Hong Kong, and Southeast Asia. It said that Duqu 2 is much more difficult to detect that its predecessor because it lives exclusively in the memory of the computers it infects, rather than writing files to a drive or disk.


Recent Techrights' Posts

Datamation, Where I Used to Publish Articles, Appears to Have Been Sold to TechnologyAdvice Only to Become a Slopfarm
I'd prefer to not associate with that site anymore
 
How Software Patents Were Viewed or Their General Status Changed Over Time
A rough summary
We Are Turning 19 in One Month, FSF Turns 40 in 3 Hours (CET)
For our anniversary next month we still have no concrete plans
Patent Docs (or PatentDocs) Learned the Wrong Lessons From the Death of TypePad
Had they gone ahead with an SSG, they'd become a lot more future-proof
USPTO Patent Bubble Already Imploding, After Decades of Artificial Inflation, Entire Offices Close for Good
we can deduce that financial pressures (lack of "demand" for monopolies) play a role
TikTok is Not Harmless (Being CheeTok in the US Will Advance Orange Agenda)
Social control media isn't "fun and games"; it's a digital weapon that lets hostile groups or nations infiltrate others, then turn them against themselves
Andy Farnell and Helen Plews Explain What "Modern" Tech Does to Old People
Imposing terrible tech "religion" on people is not helping them
Tomorrow the Free Software Foundation (FSF) Turns 40 and Its Web Site is Still Slow Due to DDoS by LLM Slop Bots
For an advocacy group, uptime is important (for its message to remain accessible)
Slopwatch: Google News as a Firehose of LLM Slop About "Linux"
Google News is really bad
Links 03/10/2025: "NPR’s Economics Lessons Come With Neoliberal Spin" and Canada Post at Risk
Links for the day
Gemini Links 03/10/2025: Panic Attacks and Food Adulteration
Links for the day
Links 03/10/2025: Lawyers Caught Using LLM Slop Explain Why They Did It, LibreSSL 4.1.1 and 4.0.1 Released
Links for the day
FSF Board Grew 50% Since Last Year, Has New President, Turns 40 in Two Days
It's a good move for the FSF and - by extension - for software freedom
Links 03/10/2025: Conflicts, Death of TypePad, and TikTok/CheeTok Gives a Boost to Far Right Groups in Europe
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, October 02, 2025
IRC logs for Thursday, October 02, 2025
Slopwatch: Linux Journal, Google News, and LinuxSecurity
They carry on polluting the Web with fake articles
Gemini Links 02/10/2025: Kubernetes With FreeBSD and robots.txt
Links for the day
Links 02/10/2025: 'Open' 'AI' Resorting to Gimmicks and Fake Funding, Europe’s ‘Drone Wall’ Discussed
Links for the day
Links 02/10/2025: Brave Passes 100M Users Milestone, Kodak Selling Its Own Film Again
Links for the day
Michael “Monty” Widenius: It Started in 1983 With Richard Stallman (RMS)
The other co-founder of MySQL is a bit notorious for confronting RMS rather viciously
For the Second Time in a Few Weeks Microsoft Lunduke Makes False Accusations Against Senior Red Hat Staff to Incite a Despicable 'Troll Army'
Nothing that Microsoft Lunduke claims of says can be trusted
su lisa && rm -rf /home/ibm/power
Novell was ruined by another person from IBM, Ronald Hovsepian
A Record Demand at Microsoft: Demand to Cancel
What we're witnessing is a very ungraceful destruction of XBox
Microsoft is Losing Europe
Hence all the "support" and "discount" offers that are limited to Europe
The Free Software Foundation Starts Fund-raising for 40th Anniversary
New pop-up 2-3 days ahead of the 40th anniversary event
Systemd Breaks Networking in Debian and Microsoft Staff Rushes to Make Face-Saving Excuses in LWN
Microsoft's bluca is already there in the comments, his Microsoft money pays for LWN to let him leave comments early
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, October 01, 2025
IRC logs for Wednesday, October 01, 2025
What the End of XBox Will Look Like: a Fiery Crash
XBox is the next Skype. It won't last much longer. Expect many more layoffs.
Richard Stallman is Going to Finland to Give a Talk Next Thursday
A day later he speaks in Sweden
Gemini Links 02/10/2025: SMTP Pipelining and End of ROOPHLOCH 2025
Links for the day
Slopwatch: Plagiarism, Fake Articles, and FUD About Linux
not a day goes by without Google News feeding FUD from slopfarms
Gemini Links 01/10/2025: Chat Control and End of Life
Links for the day
Links 01/10/2025: Long Covid Risk Reiterated, "Bitcoin Queen" Caught
Links for the day
Links 01/10/2025: EA $55 Billion Deal is Debt and Slop "Raises Vishing Risks"
Links for the day
Bluewashing at Red Hat Means Redundancies
The man who sold Red Hat to IBM meanwhile became a Microsoft Mono booster
After Killing OpenSource.com, IBM ('Red Hat') and OSI Told Us OpenSource.net Would Replace It (But That Didn't Happen)
Now it's time to move on, perhaps tarnishing the "Open Source" label some more (for whatever sponsor wants this)
Linux is Not a Community Project, It's a Wall Street Product
The core goal should be freedom
Bad Actors Abusing the Free Software Community, Vandalising It Using Rogue Politics and Old Tactics
Oil giants have long attempted to do this; now, the digital equivalent of Big Oil does this in technology
Social Control Media Isn't the Future, The Federation or Fediverse Isn't Growing, People's Accounts Vanish for Good
users' accounts will get deleted, not just become inactive
IBM is Failing, This Helps Show Wall Street is Entirely Detached From Actual Commercial Performance
IBM is unable to grow, it's just constantly shrinking
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, September 30, 2025
IRC logs for Tuesday, September 30, 2025
Clerical Aspects of Publishing and Development
In Free software, the management aspects are considerably reduced
Slopwatch: Fake Articles and Google News Promoting "Linux" Spam or Bot-Generated Fear, Uncertainty, Doubt (FUD)
These slopfarms help misplace blame
Third Wave of Microsoft Layoffs in September, This Time Many in Liverpool Affected
Be ready for more waves of layoffs ahead of the so-called "results" in late October