Morning Security Brief: Federal Worker Database Breached, ATF Review, Cybersecurity, and More

By Lilly Chapa

 Chinese hackers gained access to a database of personal information for all U.S. federal employees, according to The New York Times. The hackers penetrated the Office of Personnel Management system and targeted the files of tens of thousands of employees who have applied for top-secret security clearances. A Department of Homeland Security official confirmed that the breach occurred but said there has been no loss of personal information at this time. An emergency response team has been assigned to mitigate any risks identified, according to the official.

The Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) has undergone drastic changes over the past decade to better address violent crime. However, the agency has recently run into staffing challenges, and some of their new programs and investigations are lacking data, according to a Government Accountability Office (GAO) report released yesterday. The number of special agents decreased by 6 percent between 2010 and 2013, representing the lowest number of agents in eight years. According to the ATF, this was due to funding restrictions and a wave of retirees—about a quarter of the bureau’s special agents were eligible to retire in 2013. ATF was hiring human resources personnel to address the problem, according to the GAO report. ATF has also begun focusing on delayed denials—situations where individuals purchased firearms when background checks did not initially determine them to be ineligible. However, there is no readily available data to track the timeliness and outcomes of these investigations, and the GAO recommends that the ATF develop a system to readily obtain and analyze data.
Cyberattacks against industrial control systems have substantially increased, but organizations are still not as prepared as they should be to deal with such attacks, according to a study by Ponemon Institute. “It is difficult to understand why security is not a top priority, because 67 percent of respondents say their companies have had at least one security compromise that led to the loss of confidential information or disruption to operations over the last 12 months,” the report stated.  The report is just the latest to show slow progress in improving cybersecurity for critical infrastructure, and companies aren’t making it a priority, the report said. “People across the board recognize the problem, but as a corporate priority it is not in the top five,” said Larry Ponemon, one of the study’s authors.
In other news, the June blast in Lagos, Nigeria, which killed several people and coincided with the shopping mall bombing the same day, was perpetrated by Boko Haram, according to security analysts. The LA Times reports that a female suicide bomber parked her car next to a gasoline tanker and blew herself up. Moments earlier, a bomb was thrown over a nearby fence. Authorities initially blamed the blast on a gas cylinder accident.  And the Senate Select Committee on Intelligence voted to approve the Cyber Information Sharing Act, a controversial bill that is intended to help companies stop hackers. However, civil liberties advocates claim the bill does not provide Americans with enough privacy protections.


View Recent News (by day)


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.