The “Real” OPM Data Breach

Stealing
A lot has been made and should be made of the theft of over 21 million federal employees’ sensitive personnel records and security clearances. 



Everyone rightly, although somewhat selfishly, is worried about identity theft and the compromised privacy of their information.



The government is worried about hostile nation states using the pilfered information to bribe or coerce military, intelligence, high-level politicals, and others to turn and work for them or otherwise to use against them. 



But what is grossly missing in this discussion is not what information presumably the Chinese stole and how they will use it against us, but rather what information they inserted, altered, or otherwise compromised into the OPM personnel and security databases when they got root access to it.



Imagine for a moment what could hostile nations or terrorists can do to this crown jewel database of personnel and security information:



– They could insert phony records for spies, moles, or other dangerous persons into the database–voila, these people are now “federal employees” and perhaps with stellar performance records and high level security clearances able to penetrate the depths of the federal government with impunity or even as superstars!



– They could alter personnel or security records taking prominent or good government employees and sabotaging them to have questionable histories, contacts, financial, drug or criminal problems and thereby frame or take-down key government figures or divert attention from the real bad guys out there and tie our homeland security and law enforcement establishment in knots chasing after phony leads and false wrongdoers and villains.



Given that the timeline of the hack of OPM goes back to March and December 2014, this was more than enough time for our adversary to not only do to our data what they want, but also for the backup tapes to be affected by the corrupt data entering the system. 



The damage done to U.S. national security is unimaginable. As is typically the case with these things, “An ounce of prevention is worth a pound of cure.” Instead of investing in security, now we can invest in “credit monitoring and identity theft protection” for a very sparse three years, while federal employees will go a lifetime in information jeopardy, and the federal government will be literally chasing its tail on personnel security for decades to come. 



With the price so low to our adversaries in attacking our systems, it truly is like stealing and much more. 😉



(Source Photo: Andy Blumenthal)

Don’t Let Them Fling It Onto You

Covered_in_it

So this guy has a job where he is at the front of a line of people passing buckets of sh*t to the next guy in the line.

A stranger comes along and asks him what he is doing–“what is your job?”

The man passing the buckets replies, “I am a manager.”

The stranger looks askew and quite puzzled, he asks, “What makes you think you’re a manager?”

The man at the front of the line answers “because I don’t take no sh*t from anybody!” 🙂

And so it goes, we work on “the line” whether passing buckets or pushing papers, and someone in the front thinks they are the boss or superior–and as someone from the military once told me, “I don’t take sh*t. I give sh*t!”

Unfortunately, for those of us who humbly go to work to do our jobs, the prevalence of workplace bullies–who push their weight around can make our (work) life very unpleasant and unproductive.

A Zogby poll in 2007 found that 49% of workers had experienced or witnessed workplace bullying–and this included all sorts of harassment such as verbal abuse, sabotaging someones job, and abusing their authority.

Workplace bullying is being called a “silent epidemic” with a full 37% or 54 million workers in the U.S. having suffered at the hands of a workplace bully.

The results, of course, can be devastating not only for the person’s job, but often they (45%) suffer adverse psychological and physical health impacts.

Further, as we know, when people suffer, their families usually suffer along with them, so the ultimate impact in terms of the number of people affected is disproportional to those those who experience bullying firsthand.

Aside from the people impact of bullying, the organization and its mission suffers in terms of elevated absenteeism, decreased morale, lower productivity, and stunted innovation.

This is why aside from the basic humanitarian aspects, an organization should be extremely watchful for and weed out bullies in the workplace.

However, when bullies, are front and center in the leadership ranks of the organization, the problem is all the greater, because others lower in the hierarchy, but also at senior levels may be hesitant to address the issue.

They are scared to confront the bully as perhaps they should be given the bully’s threatening posture and deeds.

But the answer is not to get personal, but rather to make it objective–know the laws and policies that protect you, document the events, identify any witnesses, discuss with organization representatives charged with investigating possible wrong-doing, and seek legal counsel, where appropriate.

Probably, the most important thing is to be clear that like the manager at the front of the line, you do not accept sh*t from anyone–that you and your family’s health and well-being deserve at least that much.

(Source Photo: here with attribution to EverJean)