China and Russia cross-referencing OPM data, other hacks to out US spies
The identities of a group of American technical experts who have provided assistance to covert operations by the US government overseas have been compromised as the result of cross-referencing of data from the Office of Personnel Management (OPM) and other recent data breaches, according a Los Angeles Times report. The Times‘ Brian Bennet and W. J. Hennigan cited allegations from two US officials speaking under the condition of anonymity that Chinese and Russian intelligence agencies have worked with both private software companies and criminal hacking rings to obtain and analyze data.
William Evanina, the Office of the Director of National Intelligence’s National Counterintelligence Executive, confirmed in an interview with the LA Times that data from breaches had “absolutely” been used to unmask US covert agents. Performing data analytics on breach data could tell foreign intelligence agencies “who is an intelligence officer, who travels where, when, who’s got financial difficulties, who’s got medical issues” and help create a “common picture” of US intelligence operations, he said.
According to the report, the OPM hack and other major data breaches were being merged and analyzed by China in an effort to both ferret out US covert operations—to provide background information for targeted cyber-attacks—and to provide intelligence on individuals who could be targeted for blackmail. And Russia’s Federal Security Service (FSB) is also using recent data breaches and ties to cybercriminals to target US government employees for cyber-attacks, the unnamed officials claimed.