Essay Sample on The OPM Incident

Published: 2023-03-06
Type of paper:  Essay
Categories:  Human resources Data analysis Information technologies Cyber security

In April 2015, the IT Office of Personnel Management (OPM) publicized that there had been two separate cybersecurity breach incidents in which the personnel files of roughly twenty-one million five hundred thousand former, present, and prospective federal workers had been stolen from its database. The exfiltrated data included the SF-86 forms, which contained extremely confidential information, including full names, birthdates, home addresses, social security numbers, fingerprints, and findings from interviews conducted during background investigations (Gootman, 2016). The incident led to a congressional investigation and the resignation of the top OPM executives, as the implications for the social security of those whose files were stolen were not yet clear.


Following the incident, headlines reported the breach and the congressional hearings. The main suspects in the OPM breach were the Chinese, whose network system was linked to it during the investigations. Recently, a Chinese national was accused of and connected to the crime, which led to his arrest. Formally, the US government did not accuse the Chinese government until further investigations were done. Following the breach, 21 class-action lawsuits were filed in different judicial districts (Wells et al., 2016). US district courts, like that of the District of Columbia, were assigned the trials. The 21 class-action lawsuits were consolidated into two. The American Federation of Government Employees filed a putative class action on behalf of the plaintiffs and a few of those affected by the breach against the OPM and KeyPoint Government Solutions.

Under the US Constitution, the Privacy Act of 1974 requires that organizations institute proper precautions to ensure the security and confidentiality of the records they hold and to protect their safety or integrity. There are a variety of other US statutory claims and universal laws that protect the people. The second lawsuit was filed by the National Treasury Employees Union and three of its members (Gootman, 2016). They sought declaratory and injunctive relief against the director of OPM for the alleged violation of the constitutional right to informational privacy.

With regard to cybersecurity, specific laws have been established against hackers. International law and long-standing international norms apply to state behavior in cyberspace (Wehbe, 2017). Under international law, per the Law of War Manual, the OPM breach's unauthorized intrusion into computer networks solely to acquire information, without causing any disruption or physical destruction, is equivalent to non-cyber intelligence activities. The US has frequently accused China of commercial espionage in the form of stealing intellectual property. The OPM breach, by contrast, is government-to-government espionage.

The Federal Computer Fraud and Abuse Act is one of the statutory laws that can be used in prosecuting the OPM hackers, since it provides civil and criminal penalties. The statute forbids unsanctioned access to a computer to obtain National Security Information, as the hackers did. It also outlaws unapproved access to a computer that is used in interregional or foreign business to secure data, as the Chinese hackers did (Gray & Kiland, 2016). It prohibits unapproved access to a computer used by the government of the United States, trafficking in passwords, and transmitting threats of extortion. The hackers can also be prosecuted under the electronic communication protection act, which protects communication in storage and in transit.

Under the Computer Fraud and Abuse Act, the hackers are liable to face imprisonment for up to 10 years for stealing national security information. For obtaining the information on the 21.5 million people, which the hackers have kept for more than one year, they can face up to one year of imprisonment, or five if aggravating factors apply. The OPM hackers infected the agency's computer systems with malware, violating the Computer Fraud and Abuse Act. They intentionally damaged its operations, which allows the US to imprison them for up to 10 years, in addition to penalties under other state computer crime laws.

The hackers will face an identity theft charge, since they stole the personal information of previous, current, and prospective employees of the US government. They managed to acquire their social security numbers, birthdates, fingerprints, home addresses, and full names (Rabin, 2016). Identity theft will be charged under the federal identity theft statute and under several state laws. Besides identity theft, the hackers conducted an electronic theft in which there was a breach of confidentiality by the employees. The people employed then are currently suing the government for breaching the confidentiality agreement. Still, if the hackers are to be prosecuted, they will have to face the charges for such susceptibility.

Using Browser Fingerprinting Technology and other Tools to Identify Computers that were used for the Attack

Browser fingerprinting is a technology that can be used by hackers, or in cybersecurity to prevent hackers from attacking one's system. To identify the OPM hackers, browser fingerprinting can help in detecting network patterns and observing the different packets generated. Browser fingerprinting can be either active or passive (Rabin, 2016). Active protocol fingerprinting involves sending Transmission Control Protocol (TCP) or Internet Control Message Protocol (ICMP) packets to the attacker and analyzing the kind of response that comes back. Active fingerprinting can alert the attacker and is easily detected, unlike passive fingerprinting. Passive fingerprinting, on the other hand, is a little slower but stealthy, since it does not involve sending any packets to the hacker. Instead, it sniffs the network to detect the usual patterns in network traffic.
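Passive fingerprinting as described above, as an added example that is not part of the original essay: it reads the TTL and TCP window size from an already captured SYN packet and sends nothing. The packets, the addresses (documentation ranges) and the coarse TTL-to-family table are constructed for illustration.

```python
import socket
import struct

# Common initial TTL defaults; the family labels are a coarse heuristic (assumption).
TTL_FAMILIES = {64: "Linux/Unix-like", 128: "Windows-like",
                255: "network device/Solaris-like"}

def initial_ttl(observed):
    """Round an observed TTL up to the nearest common initial value."""
    return next(t for t in (64, 128, 255) if observed <= t)

def passive_fingerprint(packet):
    """Fingerprint one captured IPv4 TCP SYN without sending any traffic."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4              # IP header length in bytes
    ttl, proto = packet[8], packet[9]
    if proto != 6 or len(packet) < ihl + 20:
        raise ValueError("not a complete TCP segment")
    # TCP flags sit at offset 13 of the TCP header, the window at 14-15.
    flags, window = struct.unpack("!BH", packet[ihl + 13:ihl + 16])
    if flags & 0x12 != 0x02:                  # SYN set, ACK clear
        raise ValueError("not an initial SYN")
    start = initial_ttl(ttl)
    return {
        "src": socket.inet_ntoa(packet[12:16]),
        "initial_ttl": start,
        "hops": start - ttl,                  # estimated router hops to the sensor
        "window": window,
        "family": TTL_FAMILIES[start],
    }

def build_syn(src, dst, ttl, window, flags=0x02):
    """Construct a sample IPv4+TCP packet (checksums left at zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0x1234, 0x4000, ttl, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", 49152, 443, 1000, 0, 5 << 4, flags,
                      window, 0, 0)
    return ip + tcp

# Constructed sample captures, not real traffic.
SAMPLES = [
    build_syn("198.51.100.23", "192.0.2.10", ttl=115, window=8192),
    build_syn("203.0.113.7", "192.0.2.10", ttl=52, window=29200),
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(passive_fingerprint(pkt))
```

A TTL-based guess narrows the operating system family only; it does not identify a person or a specific machine.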

The OPM hackers can be identified if they are still using X2 access, as labeled by the US investigators, which has been detected. Otherwise, it will be difficult. Although passive sniffing cannot be easily recognized, as it does not cause intrusions, the network presence cannot be hidden when sniffing other networks. The hackers can also be located using TCPView on Windows computers to identify computers currently holding network connections to your laptop. Upon determining the hacker's IP address, one can use tools like the GeoIPTool site to track down the hackers (Gray & Kiland, 2016). Traceroute can be used to corroborate the GeoIPTool result and locate the hacker accurately.

Lastly, some investigators use a reverse domain network server (DNS) query to locate the hacker's country effectively, and his/her exact geographical location, if only the ISP's head is broken, since the breach has already been reported. The domain network servers are machines connected to the internet that help keep track of the IP addresses and the domain names of other computers (Gray & Kiland, 2016). The tools available to help locate the OPM hackers are not sufficient. The hackers have already pulled a curtain that makes it difficult to identify them. Currently, there is no reported ongoing activity, which makes it difficult to locate them. It is, therefore, the responsibility of the current IT staff of OPM to enhance their cybersecurity by putting some measures in place to block the hackers from any future activity.


Gootman, S. (2016). OPM hack: The most dangerous threat to the federal government today. Journal of Applied Security Research, 11(4), 517-525.

Gray, J. S., & Kiland, T. B. (2016). Cyber technology: Using computers to fight terrorism. Enslow Publishing, LLC.

Rabin, R. L. (2016). Perspectives on privacy, data security, and tort law. DePaul L. Rev., 66, 313.

Wehbe, A. (2017). OPM Data Breach Case Study: Mitigating personnel cybersecurity risk. BU Pub. Int. LJ, 26, 75.

Wells, S., Robson, A., Moore, R. J., Cole, S. J., & Rudd, A. (2016). Understanding the national performance of flood forecasting models to guide incident management and investment. In E3S Web of Conferences (Vol. 7). EDP Sciences.
