EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

06.14.15

Office of Personnel Management (OPM) and Microsoft Windows

Posted in Microsoft, Windows at 6:07 pm by Dr. Roy Schestowitz

Server

Summary: A look at lesser-explored aspects of the so-called OPN hack [sic], especially the systems involved

IN AN EFFORT to understand what repeatedly happened in the undoubtedly significant Office of Personnel Management (OPM) data breach/es [2-8], leaving aside the lack of concrete evidence of Chinese role [1], we tried to understand which platform was to blame. In the case of Sony it was reportedly a Microsoft Windows machine acting as the culprit or attack vector, just like Stuxnet in Iran with similar attempts against North Korea (there are still more articles about it).

“Hundreds of millions of credit card numbers got snatched from Windows.”NSA leaks were due to Microsoft SharePoint (Snowden gained access to the so-called ‘crown jewels’). As we last noted in an article about words from Kaspersky (still in headlines for it [9-12]), Windows is inherently not secure. Commercial targets of data breached that we wrote about before serve to show this. We gave readers a lot of examples over the years. Hundreds of millions of credit card numbers got snatched from Windows. the cost was enormous, but the role of Windows wasn’t ever emphasised in the corporate press.

Rebecca Abrahams published an article co-authored by Dr. Stephen Bryen, Founder & CTO of FortressFone Technologies. Unlike many other articles which point a finger at China (with little to actually back this accusation with), Abrahams does call out Windows and sheds light on what OPM uses:

Second, the government is very slow to improve security on its computers and networks. Many of the computers the government is using are antique. For example OPM still has 12-year old Windows XT as an operating system for its computers. Microsoft no longer supports XT and any vulnerability that develops is the problem of the user, not of the supplier. But even if the old stuff was upgraded it won’t help much because the systems are really clumsy amalgams of disparate parts which as a “system,” have never been properly vetted for security.

So there we go. Windows. We’re hardly surprised to say the least. The author probably means NT or XP (14 years old, not 12, unlike Server 2003), but does it matter much? Any version of Windows, no matter how old, is not secure. It’s not even designed to be secure.

Related/contextual items from the news:

  1. US wronging of China for cyber breaches harm mutual trust

    Out of ulterior motives, some US media and politicians have developed a habit of scapegoating China for any alleged cyber attack on the United States. Such groundless accusations would surely harm mutual trust between the two big powers of today’s world.

  2. The Massive Hack on US Personnel Agency is Worse Than Everyone Thought

    Last week, the human resources arm of the US government, the Office of Personnel Management (OPM) admitted that it had been victim of a massive data breach, where hackers stole personal data belonging to as many as 4 million government workers.

  3. Feds Who Didn’t Even Discover The OPM Hack Themselves, Still Say We Should Give Them Cybersecurity Powers

    We already described how the recent hack into the US federal government’s Office of Personnel Management (OPM) appears to be much more serious than was initially reported. The hack, likely by Chinese state hackers, appear to have obtained basically detailed personal info on all current and many former federal government employees.

  4. China-linked hackers get data on CIA, NSA personnel with security-clearance: report

    China-linked hackers appear to have gained access to sensitive background information submitted by US intelligence and military personnel for security clearances that could potentially expose them to blackmail, the Associated Press reported on Friday.

    In a report citing several US officials, the news agency said that data on nearly all of the millions of US security-clearance holders, including the Central Intelligence Agency (CIA), National Security Agency (NSA) and military special operations personnel, were potentially exposed in the attack on the Office of Personnel Management (OPM).

  5. Second OPM Hack Revealed: Even Worse Than The First

    And yet… this is the same federal government telling us that it wants more access to everyone else’s data to “protect” us from “cybersecurity threats” — and that encryption is bad? Yikes.

  6. Dossiers on US spies, military snatched in ‘SECOND govt data leak’

    A second data breach at the US Office of Personnel Management has compromised even more sensitive information about government employees than the first breach that was revealed earlier this week, sources claim. It’s possible at least 14 million Americans have chapter and verse on their lives leaked, we’re told.

    The Associated Press reports that hackers with close ties to China are believed to have obtained extensive background information on intelligence-linked government staffers – from CIA agents and NSA spies to military special ops – who have applied for security clearances.

    Among the records believed to have leaked from a compromised database are copies of Standard Form 86 [PDF], a questionnaire that is given to anyone who applies for a national security position, and is typically verified via interviews and background checks.

  7. Officials: Second hack exposed military and intel data
  8. Senate Quickly Says ‘No Way’ To Mitch McConnell’s Cynical Ploy To Add Bogus Cybersecurity Bill To NDAA

    Earlier this week, we noted that Senator Mitch McConnell, hot off of his huge flop in trying to preserve the NSA’s surveillance powers, had promised to insert the dangerous “cybersecurity” bill CISA directly into the NDAA (National Defense Authorization Act). As we discussed, while many have long suspected that CISA (and CISPA before it) were surveillance bills draped in “cybersecurity” clothing, the recent Snowden revelations that the NSA is using Section 702 “upstream” collection for “cybersecurity” issues revealed how CISA would massively expand the NSA’s ability to warrantlessly wiretap Americans’ communications.

  9. “Don’t Hack Me! That’s a Bad Idea,” Says Eugene Kaspersky to APT Groups
  10. Russian Software Security Lab Hacked, Indirectly Links Attack To NSA
  11. Israel, NSA May Have Hacked Antivirus Firm Kaspersky Lab

    Moscow-based antivirus firm Kaspersky Lab, famous for uncovering state-sponsored cyberattacks, today dropped its biggest bombshell yet: Its own computer networks were hit by state-sponsored hackers, probably working for Israeli intelligence or the U.S. National Security Agency. The same malware also attacked hotels that hosted ongoing top-level negotiations to curb Iran’s nuclear program.

  12. Protocols of the Hackers of Zion?

    When Israeli Prime Minister Benjamin Netanyahu met with Google chairman Eric Schmidt on Tuesday afternoon, he boasted about Israel’s “robust hi-tech and cyber industries.” According to The Jerusalem Post, “Netanyahu also noted that ‘Israel was making great efforts to diversify the markets with which it is trading in the technological field.’”

    Just how diversified and developed Israeli hi-tech innovation has become was revealed the very next morning, when the Russian cyber-security firm Kaspersky Labs, which claims more than 400 million users internationally, announced that sophisticated spyware with the hallmarks of Israeli origin (although no country was explicitly identified) had targeted three European hotels that had been venues for negotiations over Iran’s nuclear program.

    Wednesday’s Wall Street Journal, one of the first news sources to break the story, reported that Kaspersky itself had been hacked by malware whose code was remarkably similar to that of a virus attributed to Israel. Code-named “Duqu” because it used the letters DQ in the names of the files it created, the malware had first been detected in 2011. On Thursday, Symantec, another cyber-security firm, announced it too had discovered Duqu 2 on its global network, striking undisclosed telecommunication sites in Europe, North Africa, Hong Kong, and Southeast Asia. It said that Duqu 2 is much more difficult to detect that its predecessor because it lives exclusively in the memory of the computers it infects, rather than writing files to a drive or disk.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email
  • Slashdot

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Our 14th Birthday is Coming

    We're turning 14 shortly and we need ideas from readers (things that can be done to mark the event and celebrate 'on-line')



  2. In Spite of IBM's Difficult Past and Particularly Dark History, Under Arvind Krishna’s Leadership It Has Only Shown Signs of Improving

    This winter, 6 months after Arvind Krishna’s tenure as CEO began, we can generally say that things seem to have improved and we look forward to further improvements



  3. Links 25/10/2020: GNU Taler's IETF Milestone, RISC OS 5.28 and New Ubuntu Community Council

    Links for the day



  4. IRC Proceedings: Saturday, October 24, 2020

    IRC logs for Saturday, October 24, 2020



  5. Links 24/10/2020: GDB 10.1, Kodachi 7.4, Wine 5.20

    Links for the day



  6. Celebrating Code of Conduct Violations

    Reprinted with permission from Daniel Pocock



  7. The Militarised Elephant in the Room Still Commands a Lot of Free Software Development

    We take a difficult (albeit in-depth and perfectly factual) look at IBM's past and present; considering this is the company that controls Red Hat (which in turn controls many key projects in GNU/Linux) we need a better understanding of the real context, not PR fluff and marketing



  8. Juve Patent's Love of Patent Trolls and Their Misinformation

    The press 'gutter' known as Juve (basically propaganda disguised as 'news' since years ago) has gotten to the point where the publisher is just an extension of lawyers and liars



  9. IRC Proceedings: Friday, October 23, 2020

    IRC logs for Friday, October 23, 2020



  10. Look How Many Tux I Give!

    "Long live rms, long live (Hyperbola) GNU/BSD, and happy hacking."



  11. Embrace, Extend, and Extensions: Two New Reasons to Delete GitHub, Which Microsoft Ruined for Everyone (Except the Copyright Cartel and Other Censors)

    GitHub is being turned into a garbage dump with malicious masters (or monsters, or mobsters); many people are denied access for using the 'wrong' browser and developers/projects are being censored (not for doing anything wrong or illegal, either)



  12. [Meme] When EPO Staff Claims to be 'Ill' or 'Sick'... During a Pandemic's European Peak

    Gotta check and verify that those 'lazy' EPO examiners aren't just faking being ill (in order to not meet "production" targets)



  13. The EPO Has Relegated or Lowered Itself to Extremely Poor Standards

    Today's EPO continues to reaffirm the image of global weakness; having failed to improve the working conditions and quality of the work (its actions did the exact opposite), it's nowadays begging China to send over lots of workload irrespective of quality or merit and it is outsourcing the functions of the Office to the United States



  14. Links 23/10/2020: Turing Pi 2, GNU Parallel 20201022

    Links for the day



  15. IRC Proceedings: Thursday, October 22, 2020

    IRC logs for Thursday, October 22, 2020



  16. Links 23/10/2020: 'Groovy Gorilla' Everywhere in the News

    Links for the day



  17. For Better 'Tech Rights' in the United States (and the World at Large) the 'Orange Man' Needs to Go

    With less than a fortnight before election day we explain our stance from a purely tech-related rationale



  18. [Meme] Microsoft Never 'Brought' Skype to GNU/Linux (It Just Bought Skype) and It Never 'Brought' Edge to GNU/Linux Either (Google Did)

    Foolish media or gullible 'journalists' are giving Microsoft credit for other people's work; this isn't the first time either, but it helps perpetuate lies such as "Microsoft loves Linux" (so who cares about facts anyway?)



  19. It's Going to be a Long, Long Winter

    Today we revert back to lock-down mode; we're reflecting and pondering what comes next



  20. TechRadar is an Irresponsible Clickbait and Misinformation Site Disguised as 'News'

    TechRadar is no tech and no radar, either. It's just an opportunistic click-harvesting machine, disguised as a source of "news"; today we deal with the latest example (among many).



  21. Links 22/10/2020: LibreOffice 6.4.7, Septor 2020.5, Ubuntu 20.10 Released, FreeBSD Quarterly Status Report

    Links for the day



  22. IRC Proceedings: Wednesday, October 21, 2020

    IRC logs for Wednesday, October 21, 2020



  23. Living Humbly (With Older Technology or None) is More Compatible With Privacy- and Freedom-Respecting Technological Lifestyle

    Simplicity sometimes trumps so-called 'novelty', especially when it comes to human rights and users' freedom



  24. Reasons Why You (and Everybody Else) Should Join the Fight for Software Freedom

    Society is being closely watched and controlled (more so during/after the latest pandemic) and people must carefully consider the true importance of resisting proprietary technology (controlled remotely by state actors)



  25. Ways and Means to Reduce One's Dependency on Google's Various Monopolies and Near-Monopolies

    Getting rid of Google means a lot more than embracing DumbDumbGo (DDG) or some other sites that spy just like Google; we're taking stock of some options



  26. The European Commission is Still M.I.A. Regarding EPO Corruption (and the EPO's Management Plays Dirty, as Always)

    There's no change in the EU; the EUIPO and EPO enjoy complete and total immunity/impunity, with the Commission being manned by those who are deeply complicit



  27. 10 Reasons Why All This 'Edge for Linux' Coverage is a Total Farce

    The fake hype surrounding "Edge" is an inauthentic hype/buzz campaign made to coincide with anti-Google sentiments spread by Microsoft front/pressure groups



  28. Microsoft's IIS Has Collapsed Again This Past Month (and IIS Will Not and Cannot Survive This Way)

    Netcraft shows that Microsoft's decline further accelerates in the Web servers space; IIS is becoming financially unviable



  29. Links 21/10/2020: Alpine 3.12.1, Tor Browser 10.0.2

    Links for the day



  30. [Meme] US Department of Justice Should Have Taken on Microsoft Again, Not Google

    When lobbying, connections and political sway determine the actions of the American government it's hardly surprising that Bill Gates gets the Trump administration to fight for him (to make him even richer)


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts