The other day I mildly disputed Jim Geraghty’s description of the break-in by the Chinese of the OPM’s database as a “cyber-Pearl Harbor.” After all, I offered, bad as the hack was (and it was bad), there was no destruction of an important national security asset, unlike the sinking of much of the Pacific Fleet by the Japanese back then. But I was wrong. I missed the smoking wreckage made of our espionage capabilities:
But there’s an even more serious aspect of this compromise: the threat it poses to American intelligence operations abroad, particularly to officers serving under various false identities, or “covers,” overseas. The Intelligence Community employs myriad cover mechanisms to protect the true identity of its spies posted outside the United States. Cover protects our officers and allows them to conduct their secret work without drawing as much attention to themselves. While many intelligence officers pose as diplomats, that is only one option, and some covers are deeper than others. Regardless, all espionage covers are based upon credible narratives that rely on plausible details. Through a process the Intelligence Community calls back-stopping, any officer’s cover needs to look real and check out if tested. Thus, an American spy who is posing as an oil executive, for instance, has to have a “legend” in that industry that bears that out. Think business cards, company websites, or a team of ersatz oil industry colleagues. Just as another intelligence officer who poses as a diplomat better have his or records in State Department systems, to look plausible.
And now the Chinese have their hands on a database (which may be for sale) that could allow them to sniff out whose bio is real and whose is a cover. To continue:
For American spies abroad, this can be a matter of life or death, and any personnel sent into countries where they could be targeted for kill or capture—which in the age of the Islamic State is a depressingly long list—need to be deeply concerned about how much the OPM breach has complicated, and perhaps threatened, their lives. How bad this is was explained by Joel Brenner, who from 2006 to 2009 served as the Intelligence Community’s top counterintelligence official. Describing the hack as “crown jewels material, a goldmine” for China, who Washington insiders believe is behind the theft, Brenner added: “This is not the end of American human intelligence, but it’s a significant blow.” The only good news in all this is that several of our big spy services like CIA and NSA don’t rely on outside agencies for security clearances. They do their own background investigations, while ninety percent of the Federal government relies on OPM. But that’s cold comfort since the CIA uses other federal agencies as cover so often. Besides, given the enormous extent of this compromise, which gets worse with each new revelation, many are wondering how much information the Chinese don’t have at this point.
Indeed. Remember all the security problems, potential and proven, pointed out regarding Obamacare? Anyone care to bet that those problems have been fixed and that someone hasn’t already riffled though the records of millions of applicants, or used Obamacare’s myriad connections network connections to other agencies to break in elsewhere? Add to that the Snowden operation, Bradley Manning’s data theft, the likely Russian hack of the White House (via the State Department), and you’re left wondering if anyone in the federal government has any real concern or even competence with data security.
More immediately, the Obama administration came into office proclaiming itself the most tech-savvy administration, ever. One would think they would be enraged, not just by these acts of war by China, but the gross, utter, bumbling incompetence displayed by their department heads. And yet, in spite of having been warned for years that the OPM servers were insecure, all they can do is offer free credit monitoring. No resignations. No firings. No consequences.
Except for our clandestine agents in the field.