Feds hacked: Is cybersecurity a bigger threat than terrorism?

The US Postal Service announced Monday that the personal data of 500,000 postal employees was exposed in cyberattacks this year. This year hundreds of millions of private records have been compromised in attacks on business and government computers.

Mike Blake/Reuters
US Postal Service mailboxes at a post office in Encinitas, California on Feb. 6, 2013. The U.S. Postal Service reported a data breach Nov. 10, 2014, that may have compromised personal information about its 500,000 employees as well as data on customers who contacted its call center from January through mid-August.

While the terrestrial fears of terrorism and Ebola have dominated headlines, American leaders are fretting about what may be even more serious virtual threat​s​ to the nation’s security.

This year, hundreds of millions of private records have been exposed in an unprecedented number of cyberattacks on both US businesses and the federal government.

On Monday, just as President Obama arrived in Beijing to being a week-long summit with regional leaders, Chinese hackers are suspected to have breached the computer networks of the US Postal Service, leaving the personal data of more than 800,00 employees and customers compromised, The Washington Post reports.

The data breach, which began as far back as January and lasted through mid-August, potentially exposed 500,000 postal employees’ most sensitive personal information, including names, dates of birth, and Social Security numbers, the Postal Service said in a statement Monday. The data of customers who used the Postal Service’s call center from January to August may have also been exposed.

"The FBI is working with the United States Postal Service to determine the nature and scope of this incident," the federal law enforcement agency said in a statement Monday. Neither the FBI nor the Postal Service, however, confirmed it was the work of Chinese hackers.

The breach did not expose customer payment or credit card information, the Postal Service said, but hackers did gain access to its computer networks at least as far back as January. The FBI informed the Postal Service of the hack in mid-September.

“It is an unfortunate fact of life these days that every organization connected to the Internet is a constant target for cyber intrusion activity,” said Postmaster General Patrick Donahoe in a statement. “The United States Postal Service is no different. Fortunately, we have seen no evidence of malicious use of the compromised data and we are taking steps to help our employees protect against any potential misuse of their data.”

But the reported breach comes as both intelligence officials and cybersecurity experts say computer hackers now pose a greater threat to national security than terrorists.

Since 2006, cyber-intruders have gained access to the private data of nearly 90 million people in federal networks, the Associated Press reported in a major investigation published Monday.

Hackers have also accessed 255 million customer records in retail networks during this time, 212 million customer records in financial and insurance industry servers​,​ as well as 13 million ​records of those in ​educational institutions, the AP reported.

“The increasing number of cyber-attacks in both the public and private sectors is unprecedented and poses a clear and present danger to our nation’s security,” wrote Rep. Elijah Cummings (D) of Maryland, ranking member of the House Committee on Oversight and Government Reform, in a letter to Postmaster General Donahoe on Monday.

Still, unlike the well-publicized hacks of businesses like Home Depot and Target, in which the payment information of nearly 100 million customers was exposed this year, recent data breaches have puzzled experts.

In October, JPMorgan Chase, the largest US bank, reported that hackers had compromised the personal ​contact ​information of more than 83 million customers. But even though the hackers, suspected to be from Russia, had access to numerous servers in JPMorgan’s systems, they accessed only personal information lists – not accounts or financial data.

Russian hackers were also suspected of being behind a breach of unclassified White House computers, ​reported​ in October as well.

The limited scope of the information that such hackers gained access to this year may indicate that they are ​simply ​exploring system security in the never-ending chess matches of international espionage and spying, experts say.

​But the battle against highly sophisticated hackers, cybersecurity experts say, is a 24/7, 365-days-a-year arms race. It’s a cat-and-mouse game as hackers constantly probe a network’s defenses, finding inevitable flaws and weaknesses that system administrators must “patch” on a regular, ongoing basis.

This means hackers are usually one step ahead.

"No matter what we do with the technology ... we'll always be vulnerable to the phishing attack and ... human-factor attacks unless we educate the overall workforce," Eric Rosenbach, assistant secretary of Defense for Homeland Defense and Global Security, told the AP.

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.