The REAL scandal WaPo ignores


While the Washington Post played such a large role in over-hyping
the minor issue where several employees of the U.S. Secret Service
availed themselves of the services of Colombian prostitutes
while on a trip to Cartagena, Colombia,
putting this story on page A1 on April 15, 17, 18, 19, 20, and 22 2012,
and consistently referring to it as "a scandal",
indeed, often calling it (absurdly)
"the greatest scandal in the history of the Secret Service",
a failure of the U.S. government with far more significance to the nation
has received no such prominent coverage,
and indeed, so far as I know, has never been called by the Post a scandal,
although it richly deserves that term.

What I am referring to is the stealing of key personnel files of the U.S. Office of Personnel Management (OPM)
by, evidently, hackers working effectively for the Chinese government.
(To date, no authoritative person has said that for the record,
but off-the-record, that has been strongly implied.)

The scandal, in my view, has several components:
First, it could and should have been prevented by the U.S. government.
Second, it is a scandal that the Post has not adequately reported
the congressional hearing that attempted to shed light on how and why this happened.

But enough accusations, at least for the time being.
Let's take a step back and see why this represents such a government failure.
Let's look at the situation, as we know, existed even before the data breach was discovered.

There were three pieces of the puzzle that were known:
  1. Vulnerability: That the data stored on the computers used by the OPM was vulnerable to being hacked.
    This was pointed out by the OPM Inspector General
    in a FISMA audit dated November 12, 2014,
    and in various earlier FISMA audits;
    note also this 2015-06-05 NYT article.
  2. Capability: That Asian nations (and no doubt others) had both the capability and desire to hack U.S. computer systems was well-known.
    As an example, it was very widely reported that the North Koreans had hacked Sony Studios computer files,
    out of pique over a film Sony planned to release depicting an assassination plot against the leader of North Korea.
  3. Significance: While not widely publicized at the time,
    since the hack the signficance of the theft of those files has been widely reported.
    It must have been well known within the USG's intelligence and security apparatus.

Yet the people in OPM and the White House responsible for protecting the government's vital records from this sort of espionage
certainly failed to do so.
What did they do?
That seems to be a worthy question for the media to dig into.

Labels: , ,