Post office breach: The new Cold War?

Further good information below regarding the cyber-attack on the USPS announced on Monday 11/10/14. The two USA Today articles below regarding the breach and the article regarding telecommuting for EAS employees being suspended as a result is a good one too.

The APWU is also sending out information to everyone on their e-lists regarding the fact that they are investigating why no employees were notified until almost 2 months later, and the day before a holiday, Veterans Day. Even Congress was told on the 22nd of October, weeks before employees that were directly affected.

Even though the USPS is offering us one year of free credit reports, I am sure there is not a timeline for misuse of our confidential and personal information that was compromised. Your birthday, SS# and mother’s maiden name, etc. are not going to change…

President Mary Burkhard


Elizabeth Weise, USATODAY


SAN FRANCISCO – The computer breach of the U.S. Postal Service, revealed Monday, could be part of the undeclared cold war in cyberspace, some experts say.

"Everyone realizes that the next true conflict that's going to be fought is going to be launched not with an artillery barrage but a cyberbarrage," said Edward Ferrara, an analyst with Forrester, a technology research company.

The Postal Service was breached in September and first reported the intrusion in a classified briefing to Congress on Oct. 22. Information about it was made public Monday.

Those behind the breach penetrated the post office's employee database, compromising information about more than 800,000 workers. They also got into the service's customer care call-in and e-mail service.

Anonymous sources told The Washington Post that U.S. officials believe the Chinese government was behind the attack.

If that is indeed the case, it's likely part of an attempt to gain more information about the U.S. government, said Ferrara.

"These guys are learning. When they hack the post office, not only is it the hack, it's the chance to learn about how our computer systems work," he said.

In a talk last week, Admiral Mike Rogers, the director of the National Security Agency and commander of U.S. Cyber Command, said that nation states are definitely involved in cyberattacks against the United States.

In the past, the global standoff was nuclear and it involved just two countries, the United States and the Soviet Union, he said at a question-and-answer session at Stanford University's Center for International Security & Cooperation.

Today, his concern is that many nation states, as well as groups and individuals, are able to engage in acts of cyberassault and "most of them have come to the conclusion that there is little risk of having to pay a price for this in real terms," he said.

That, he believes, has the potential to encourage nations to be more aggressive in the online realm, "And that's not a good thing for us, or, I would argue, for the world," he said.

Although the post office may not seem an important target, access to employee data, especially from higher-level employees, is useful for launching phishing attacks on other agencies, said Tal Klein, vice president of strategy at Adallom, a computer-security company.

"We call that 'seed data,' " he said. "To get the best kind of seed data, you want to go after a target that's trusted by a lot of other targets. If an executive sends out an e-mail, the likelihood is that more people will open it, compared to when someone in the mail room sends out e-mail."

Whether or not China is behind the attack, Klein does note that the standard of what's allowable seems to change depending on who's doing it.

"I just think it's amazing that when the NSA does it, it's for national security. And when China does it, it's espionage," he said. "I'm not really sure I understand the difference."

The issue of who will have the most influence on Asia is one of interest to the United States and China. Many believe both nations are preparing in case that jostling for place becomes more overt.

"When you have a future adversary like that, you want to learn everything you can about them," Ferrara said. "This is an example of this type of surveillance. Or let's call it what it is, which is spying."

The post office is a good target because it is relatively low value, but shares similar systems and architecture with many other U.S. government computer networks.

"Typically, these attacks are to get the lay of the land," he said. "They can also be diversions. If you get law enforcement focused on this, they're not necessarily looking at other things. You launch an obvious attack on a low-level target and then a non-obvious attack on a high value target."

Not everyone is convinced this is anything that official.

"This does not fit the M.O. of the security compromises that have been leveraged by the Chinese regimen over the years," said Tom Kellermann, chief cybersecurity officer with Trend Micro USA.

He sees the post office attack as an example of the growth of an underground criminal hacker community in China. They are not beholden to the government and are out for their own financial gain, he said.

The robust technological advancement of China, he said, "has created the perfect environment for the manifestation of a significant Chinese hacker community."

Post office suspends telecommuting due to breach

Elizabeth Weise, USATODAY

SAN FRANCISCO - Following a breach of its employee database, the U.S. Postal Service has shut down its secure virtual private network and suspended all telecommuting for employees at its D.C. headquarters, officials said.

VPNs are encrypted software "tunnels" that allow employees to connect securely to the office from home or elsewhere.

The post office breach, first reported on Monday, penetrated the post office's employee database, compromising information about more than 800,000 workers. The assailants also got into the service's customer care call-in and e-mail service.

"The Postal Service has shut down our VPN and telecommuting has been suspended until further notice," said Sue Brennan, a Postal Service spokeswoman.

The suspended telecommuting program only affects employees who work at Postal Service Headquarters, although the VPN outage is nationwide, Brennan said.

How many employees the telecommuting suspension will affect was not immediately available.

In general, Postal Service employees only telecommute one or two days per week. Because they cannot work remotely, they will be required to report to their work stations, Brennan said.

"This isn't like other agencies that have mass employees working from home or from alternate locations with no work station assigned — our employees have cubes or offices assigned to them on a permanent basis," said Brennan.