Russia, China said to use hacked databases to find US spies

31.08.2015
Foreign spy agencies, including those from Russia and China, are cross-checking hacked databases to identify U.S. intelligence operatives, according to a news report.

One secret network of U.S. engineers and scientists providing technical assistance to the country's overseas undercover agencies has been compromised, according to a story Monday in the Los Angeles Times.

Foreign intelligence agencies are cross-referencing several compromised databases, whose information includes security clearance applications and airline records, to identify U.S. intelligence agents, the report said.

The U.S. Office of Personnel Management announced a breach of its security clearance database in June. That breach compromised information on the government’s Standard Form 86, a 127-page questionnaire that asks about an applicant’s past military experience, criminal background, computer hacking activities, financial problems and links to terrorism groups.

U.S. lawmakers have worried that the OPM breach would endanger intelligence agents and open up applicants to blackmail.

With the OPM breach and other recent compromises, "our biggest fear has been that these data breaches were not isolated incidents, but part of a larger campaign with the intent to expose intelligence agents and others with security clearances around the world," Ken Westin, security analyst for cybersecurity company Tripwire, said by email.

There is growing evidence that exposing intelligence agents was the motivation behind several breaches, he added.

The report raises several concerns for government agencies and private businesses, Westin said. "Our risk and threat models don't take into account the exponential damage that can come when datasets from multiple breaches are correlated," he said. "Big data isn't just used in business, but also cybercrime and espionage, and this is more apparent now than ever."

A "massive amount of data" that people willingly share helps make this type of espionage possible, said Tim Erlin, director of IT security and risk strategy at Tripwire. "The actual government records provide a key set of data, but when correlated with other information, enemy nation-states can assemble a dangerously complete picture," he said.

Grant Gross