Sanjeev Relia says: June 2015 saw one of the biggest cyber espionage cases ever reported in the history of cyberspace. This time Chinese hackers (as accused by the US Government) broke into the Office of Personnel Management (OPM) network which holds the personal data of the agents working for the CIA. As per reports which appeared in the media, agency’s systems containing information related to the background investigations of “current, former and prospective” federal employees, and others for whom a background check was conducted, were breached.
The US government is calling it the largest known theft of government data in history. It is suspected that the hackers took away personal records of as many as four million people of the agency. While the massive loss of data has certainly left a lot of government official in USA red faced, what could be the motive behind stealing data of federal agents working for the US government? To start with, personal information could be used to blackmail these employees thereby impacting their efficiency and the efficiency of CIA on the whole. The information could also be used to cultivate unsuspecting U.S. officials as spies, leveraging details in the records. On the whole the impact of this breach will have far reaching consequences.
China which was blamed as the prime suspect for the loss of data has denied any involvement. The Foreign ministry spokesperson Lu Kang denied during a press conference on 16 June 2015 the US accusations that the attack was mounted by state-sponsored Chinese hackers. In fact the Chinese went a step ahead and blamed US for cyber espionage on China.
Whoever is behind the OPM network hack has clearly demonstrated that no information is secure in the cyberspace. With all the technology available to them, if hackers can break into the systems of CIA, how secure would data in India be? We have recently created a very large pool of public data for the UID scheme. If a hacker is able to break into the UID systems, fake ID cards could be issued to foreign terrorists who can then use them to gain entry at sensitive installations and spread terror. Loss of personal data is an extremely serious matter. We need to take stock of our data security mechanism and ensure that such a case does not happen with us.