In June, 2015, it was revealed by an anonymous source that the Office of Personnel Management was hacked. This office, which administers civil service, is believed to have been the target of the Chinese government. This is one of the largest hacks in history involving a federal organization.
Slowly, the motivation behind the hacking is being understood. At first, it seemed obvious, the stolen data being personally identifiable information, which is what was taken can be used for new account fraud. But in government breaches, they usually look for military plans, blueprints, and documents that deal with policy.
The question, of course, is why did the hackers focus on this information? Well, some of the data that was taken was used to launch other attackers against contractors, and this resulted in the access to several terabytes of data.
Now, those who have become victims of this attack have found themselves being the target of ransomware.
Security experts have recently noticed that the victims have been getting phishing emails, and these messages look like they are coming directly from the Office of Personnel Management. When these emails arrive, the body and subject of the message seem as if the email contains an important file. When the unsuspecting victim downloads the .ZIP file, however, they instead receive a type of ransomware called Locky.
These attacks are much more dangerous than the average phishing attack. This is mainly due to the fact that they are being received by those who have worked with the Office of Personnel Management before. Thus, they have seen the genuine emails from the office, which look remarkably similar to the fake ones. The only thing that set the two emails apart was a typo that said “king regards,” instead of “kind regards,” and a phone number that doesn’t work. These are details that many people overlook, which makes it easy for hackers to be successful with these schemes.
Who was Really Behind This Hack?
Though experts believe that the Chinese government is behind this hack, there are some facts that look a bit fishy. For instance, since personal data was taken and data has been taking hostage, this seems much more like a typical cybercrime operation instead of something that a nation would do. After all, why would China be looking for a few hundred dollars from people who want their files back?
Of course, this could be a smokescreen and someone could just be using this attack as a smokescreen…and while experts are focused on this, the real attack could be planned for the future.
Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- Your Ransomware Response: Prepare for the Worst
A ransomware attack is when your computer gets locked down or your files become inaccessible, and you are informed that in order to regain use of your computer or to receive a cyber key to unlock your files, you must pay a ransom. Typically, cybercriminals request you pay them in bitcoins. The attack begins when you’re lured,
- Ransomware a $2.5 Million Service
One bitcoin = $590. If you’re sucked into a ransomware scam, you’ll likely be charged at least one bitcoin for the cyber key to unlock your computer’s files—that are being held hostage by hackers. A report from Check Point Software Technologies and IntSights has discovered a gigantic ransomware-as-a-service (RaaS) ring, raking in $2.5 million yearly. Eight new
- 2016 Information Security Predictions
No bones about it, 2016 is sure to see some spectacular, news-chomping data breaches, predicts many in infosec. If you thought 2015 was interesting, get your seatbelt and helmet on and prepare for lift off… Wearable Devices Cyber crooks don’t care what kind of data is in that little device strapped around your upper arm while you
- Ransomware Hackers provide Customer Service Dept. to Victims
Yes, believe it or not, ransomware has become such a booming business for thieves, that these cyber thugs even provide bona fide customer service departments to guide their victims! When ransomware infects your computer, it holds your files hostage; you can’t access them—until you pay the hacker (usually in bitcoins). Once paid, the crook will give
- Why Hacking is a National Emergency
Foreign hackers, look out: Uncle Sam is out to get you. President Obama has issued an order that allows the State Department and Treasury Departments to immobilize the financial assets of anyone out-of country suspected of committing or otherwise being involved in cyber crimes against the U.S. kThis order, two years in the making, covers hacking