• Why the Chinese Stole 5.56 Million USG Employee Fingerprints

    October 8, 2015

    Tags: , , ,
    Posted in: Embassy/State, Post-Constitution America

    fingerprint



    Why would anyone want to steal the fingerprints of Federal government employees? Not for identity theft; it is all about biometric espionage.


    Earlier this summer the United States suffered one of the worst data breaches in history, when someone (maybe the Chinese, maybe the Russians) broke into the Office of Personnel Management’s computers.

    The Office of Personnel Management is the primary Human Resources office for the Federal government. Because it is the Federal government, a lot of the files have to do with security clearances, many for employees in sensitive or even clandestine positions. The government has been a bit coy about which agencies’ data was breached, but has made clear it included the Department of Defense.

    For many employees, the data breach is primarily of intelligence concern in that it exposes their personal vulnerabilities, things like debt, past problems with booze or drugs, the kind of stuff that makes it easier to manipulate and recruit someone.

    And there is a lot of fodder for a foreign intelligence service to work with – the hack affected a staggering 21.5 million federal employees and their families, a full seven percent of the entire United States population (which also tells you something about the size of the government workforce.)

    But what about those fingerprints? The Office of Personnel Management now admits it lost an estimated 5.6 million fingerprint records. Why would a foreign adversary want fingerprints?

    To establish someone’s identity, of course. And through that, negate the enormous and very expensive efforts America’s undercover folks go to to create alternate identities.


    It works a lot like in the movies. Peter Parker joins the Central Intelligence Agency fresh out of college. A cover life is constructed for him under a new name, or several covers under several names. This takes time, and money, and a fine sense of detail, especially when it is expected that a person have all sorts of information about himself already on Facebook and the like. A 25-year-old without Facebook or LinkedIn? Hmm.

    Peter is drilled on each back story so he can switch between being Peter or Paul or Pat seamlessly. His appearance can be changed, and so, with false passports, “Peter” can travel as a businessperson to China in June, “Paul” can be the tourist who visits in late July and “Pat” the guy finally assigned to a new job at the embassy come August. That stuff has been going on with spies since the beginning of time.

    It worked. Or at least it used to work.


    The science of biometrics changed the game. New technologies like facial recognition, vocal prints and iris scans allow unique indicators to be collected and stored digitally. Once one matches an iris scan from Peter with one collected from Paul, they know they are the same person. Peter can only ever enter China under one name, albeit with the option of it being a false one. But he must be consistent and stick to the one. His clandestine usefulness is thus very limited.

    The concept has worried American intelligence for some time, particularly because the United States overtly collects biometric information on every person entering the United States and understands the value as well as anyone. The Central Intelligence Agency even produced a defensive how-to manual for its undercover people.

    Nonetheless, the Office of Personnel Management downplayed the danger posed by stolen fingerprint records, saying the ability to misuse the data is currently limited. “An inter-agency working group with expertise in this area… will review the potential ways adversaries could misuse fingerprint data now and in the future,” it said.


    Such reassurances aside, the problem of biometrics reaches much further than just within one country. What about for an intelligence officer who travels among various nations?

    Biometrics collected when Peter/Paul/Pat crosses an international border can be shared among allied nations, or sold to less friendly ones. Oh – the Peter from China is the same person known as Paul in Vietnam.

    If not shared between friends, broad-based biometric data can also be collected via a link up with immigration authorities, either by agreement or via computer hack, say at major hubs like Frankfurt, Dubai or Narita. One news source reported a former intelligence service employee as saying “Just before I left, they were gearing up to make a request for CIA officers to recruit foreigners with access to immigration databases.”

    But all that is a lot of work just to collect the information, can involve delicate deals with other nations and must be followed by even more work to sift through a very large haystack looking for a few suspicious government employees. Wouldn’t it be easier if someone were to hand you a 5.56 million record library of fingerprints, all known Federal employees, all organized by real names, and all accompanied by biographical and work data?


    It is entirely plausible the offices inside the American intelligence community which focus on altering or disguising fingerprints just saw their budgets increase, with a little note saying “With thanks to the Office of Personnel Management hack.”

    That is why the new information on the fingerprint hack is so significant.



    Related Articles:




    Copyright © 2020. All rights reserved. The views expressed here are solely those of the author(s) in their private capacity.

  • Recent Comments

    • Bruce said...

      1

      OR Another USG false prince operation to boogedy its own dupes into further forfeiture of rights.

      10/8/15 12:47 PM | Comment Link

    • Kyzl Orda said...

      2

      Think so far, two congressmen have discovered their ids were stolen this year, but not sure if this would be included in the OPM theft? The info has been used to apply for credit cards and something to do with taxes. One is Chaffetz and the other a democrat, Connelly:

      http://www.washingtonpost.com/blogs/federal-eye/wp/2015/10/07/congressman-chinese-hackers-tried-to-steal-my-identity/

      http://www.deseretnews.com/article/865635270/Stolen-identity-Congressman-Jason-Chaffetz-is-victim-of-tax-return-scam.html?pg=all

      10/8/15 5:24 PM | Comment Link

    • Kyzl Orda said...

      3

      Another reason why being a whistle blower is a ‘liberating’ experience

      10/8/15 5:24 PM | Comment Link

    • bloodypitchfork said...

      4

      Meanwhile, Clapper&Company are slapping each other on the back while lifting glasses of $4k bottles of the best 18th century wine, to celebrate their latest breach into their peers databases to satisfy the agreement between agency’s Directors to use NSA clandestine hacking of inter agency databases in order to instill fear into the Congress at a level historically unheard of to tighten their fear mongering strap of funding torture on those who would oppose them in the congress.

      It’s ALWAYS about manipulating the appropriations from certain members of Congress.

      10/8/15 6:38 PM | Comment Link

    • bloodypitchfork said...

      5

      ps.. Where is the proof the Chinese did the hack?

      10/8/15 6:51 PM | Comment Link

    • Kyzl Orda said...

      6

      And who is benefitting from the stolen identities?

      10/8/15 6:56 PM | Comment Link

    • bloodypitchfork said...

      7

      Meanwhile, I believe my previous opinion that the Syrian debacle will escalate into a far worse war now that Russia is involved, is gaining strength…

      http://www.militarytimes.com/longform/military/2015/10/05/us-russia-vladimir-putin-syria-ukraine-american-military-plans/73147344/

      At least I learned WHO actually makes “foreign policy”.

      “It is good for us to be aware how they fight,” said Evelyn Farkas, deputy assistant secretary of defense for Russia, Ukraine and Eurasia, in an interview with Military Times on Sept. 10. (snip)…
      Farkas is stepping down from her post at the end of October, after five years at the Defense Department. It’s unclear who will take her place as the Pentagon’s key policy maker for Russia-related issues.”unquote

      So.. DOD deputy assistant secretary’s of defense decides what the US foreign policy is for certain areas. gottcha.

      Of course, they’ll never step foot on a battlefield, but they’ll damn well send your children to death to defend their so called fucking policy. What I want to know is which fucking deputy assistant secretary of defense wrote the foreign policy for Afghanistan. I want to send him/her a nice letter.

      10/9/15 5:35 AM | Comment Link

    • Kyzl Orda said...

      8

      “So.. DOD deputy assistant secretary’s of defense decides what the US foreign policy is for certain areas. gottcha. ”

      That’s not very encouraging when the assistant DAS for Russia, Ukraine, and Eurasia remarks “It is good for us to be aware how they fight” and also previously held the job of Bosnian Human Rights officer at the OSCE per the Military Times link Pitch had posted. No wonder so many people were allowed to be murdered.

      This sounds Victoria Nuland-esque.

      10/9/15 8:52 AM | Comment Link

    • China overtakes US as world’s biggest economy | Phil Ebersole's Blog said...

      9

      […]   […]

      10/9/15 10:00 AM | Comment Link

    • EH Lau said...

      10

      thought I had found a good source for information about what the US gov’t really does…then I found this title & article in your blog:

      Why the Chinese Stole 5.56 Million USG Employee Fingerprints

      October 8, 2015

      …Earlier this summer the United States suffered one of the worst data breaches in history, when someone (maybe the Chinese, maybe the Russians) broke into the Office of Personnel Management’s computers.

      – See more at: https://wemeantwell.com/blog/?p=18056#sthash.psGFaTT4.dpuf

      More premature sensationalism & misleading propaganda stirring up the chaos of global politics! Guess I haven’t found a good source yet.

      10/31/15 2:35 PM | Comment Link

    Leave A Comment

    Mail (will not be published) (required)