
Running head: Data breach in USA federal government 1

Name

Professor

Course

Date

Data breach in USA federal government



Executive Summary

In 2015, when a data breach occurred in the USA federal government, millions of data files were affected. Computer data files of 4.2 million current and former employees were compromised. The compromised data comprised social security numbers, dates of birth, private investigation information on employees, and contractor information. Reports on the breach came from government workers who did not want to be named because they lacked authority. They explained that the Office of Personnel Management (OPM), which handles employee information and security clearances, had been hacked.

Before a full investigation, Senator Susan Collins, a member of the Senate Intelligence Committee, stated that the data breach was based in China. Zhu Haiquan, the Chinese spokesperson, explained that the attack might have been conducted from anywhere and that it was difficult to track the source of the attack. OPM gave a media report on the cyber attack, explaining that it affected data on previous and current employees who worked for the government. Investigations were still underway.

Organization’s Mission, Vision, and Goals

Mission

Lead and serve the federal government in human resource management through service and policy delivery to achieve effective civilian work.

Vision

Add four insurance carriers to federal employee insurance and dental program.

Goals

The goals of the Office of Personnel Management include:

1. Transform hiring, pay, and benefits in the federal government to retain and attract civilian workers to the workforce.

2. Optimize agency performance.

3. Improve communication and integration of OPM services to federal agencies to meet emerging needs.

4. Lead modernization and establishment of human capital information technology solutions and data management systems.

Background

Cyber security is the practice of safeguarding data and the organization from unauthorized personnel by implementing security protocols. Computer security is concerned with the security of computer hardware and software. Both are concerned with security; however, there are differences between cyber security and computer security, which include:

Computer security:

1. Security of a single computer gadget

2. Simple; does not involve a lot of expertise since it is a single computer gadget

3. Cheap because it does not require an expert and does not take time

Cyber security:

1. Security of all security gadgets in communication

2. Technical since it involves several computer gadgets

3. Expensive because it requires trained personnel and resources



Data flow is the process of transmitting data in packets through data cables. Deploying NFAT is the process of moving the nuclear factor of activated cells in computer forensics. The two processes both involve movement in computer technology; however, there are differences between them. For instance, data flow involves data movement for the purpose of data processing, while deploying NFAT is a process of moving factors of activated cells as part of a computer forensic investigation.

Vulnerabilities

People

Workers in the federal government are responsible for the security of information on former and current employees. There are protocols that are followed to ensure security measures are applied professionally; however, if the protocols are not followed, security risks increase. There are several ways employees make the organization prone to vulnerabilities. For instance, according to the OPM, employees had not set up strong passwords. Weak passwords made it easy for hackers to guess or retrieve passwords. While using public domains, workers enabled the remember-password feature, and hackers were able to retrieve the passwords.

Employees have also been reported to have left working systems running after working hours; OPM computers left connected to the internet while dormant have been prone to attacks. Employees have also been installing software from pirate websites. Software from pirate websites is malicious: it has bugs and viruses. After installation, some of that software has been used to retrieve user names and passwords, which hackers use to retrieve data and information from OPM working systems.



Processes

Processes in the organization on data handling are organized and must be followed as planned. Failure to follow the processes makes the organization vulnerable in the following ways. For instance, employees are supposed to log in to the data systems, perform data functions, and then log out of the system. Failure to follow these procedures makes the organization prone to data and information hacks through the different processes. For citizens who have requested investigation into cases, data and information on the cases is shared through the internet. Data and information shared through the internet is at risk and is likely to be intercepted by unauthorized personnel.

Technology

Organizations embrace new technology to advance in information handling. Changing technology in an organization is an advantage as well as a risk. Workers take time to learn new technology, and in that process the organization is prone to attacks by expert criminals who understand the technology better. Technology that is new in the market has not been tested properly, which makes it risky for an organization to use. For instance, data processing software backs up data in public cloud domains; the data and information in public cloud domains can be accessed through simple processes such as a Google search or specific search terms. New technology which does not have tested security measures can risk data leakage, and data that has been leaked is easily accessible by hackers.

Hardware

Hardware components are used in federal government offices to store data and information, and there are measures that are employed to ensure data is safe. If the hardware is not compatible with the security measures, the data and information are prone to vulnerabilities such as viruses and hacks. Computer hardware must be able to handle computer software security and other security measures involved to ensure data and information are secure. Hardware can only be accessed through the internet and software installed on the hardware. Hardware type determines the security level that can be installed on the hardware. If the security measures set on the hardware are not compatible with the hardware, data and information will be at risk of being accessed without the required authority.

Software

Software is used for data storage and for setting security parameters on the computer hardware. When software security settings are not set properly, the data becomes vulnerable to hacking and security threats. There is new software which users install from pirate download sites; such software has malicious files that are used to retrieve data and information. Automatic software installation is a security risk: as users access public domains, they come across software. Clicking on the software initializes automatic installation on the working system, and automatic installation could be used by hackers as a method of accessing data without authority.

External Vulnerabilities

There are other vulnerabilities apart from those mentioned above. These vulnerabilities make it easy to hack data and make it prone to attacks in the form in which it is currently kept. For instance, network connections to outside organizations are an external risk because they are not monitored. Internet access is not restricted, so hackers are able to access the federal government through the website. Hackers pretend to be normal internet users while in the end they try to gain access to information which they are not allowed to access.

Threats

Threats to the organization must be identified so as to set measures that will ensure the threats are dealt with for the safety of organization data and information. There are several ways of identifying threats to the organization.

People

There are several threats which people in the organization create, and these threats make it easy to hack or access the data without authority. Every employee has a duty towards ensuring the security of data. If employees are ignorant of their duties, security measures on the data are not properly put in place, which then makes the data vulnerable to attacks.

Processes

There are processes involved in the handling of data and information in the organization. If the processes are not followed as intended, data and information are at risk. There are also organizational information and data handling procedures which themselves make it risky to handle data and information, because they make data and information easy to access without authorization.

Technology

Technology reinforces data and information handling, and technology keeps on changing. As technology changes, employees have to learn new techniques for handling the data. While they are carrying out procedures they are not yet conversant with, the data is at risk.

External Threats

Data handling components include hardware and software components. The components might face threats from the external environment. Weather affects hardware components: if it is hot or cold, components freeze or heat up, and this prevents them from working properly. External threats are risks to data and information; failure to contain external threats makes the organizational data and information prone to attacks. Weather is an external threat: when it is hot or cold, this interferes with access to information. Computer systems fail in poor weather conditions. Failures put security measures at risk, and as systems resume, IT personnel have to work on the security measures to ensure they are intact. While systems are being worked on, organizational information is at risk of access by unauthorized personnel.

Risks

Management Risks

Management in the organization are the overall decision makers. Before new technology can be embraced in the organization, top management must decide whether the technology will serve the company’s interest. If organization management make a wrong decision on any of the above-mentioned aspects, the organization's data and information will be at risk of being hacked. For instance, organization management might choose certain devices to process organizational information. If the systems do not work as expected, top management have made the wrong decision, and this makes organization information and data prone to hacking.

Operational Risks

Operations in an organization have to follow a planned process; in this case, for instance, there are planned processes for handling data and information. Planned procedures in the organization can lead to information and data vulnerability because the processes expose the data. For instance, organizational data is transferred through the internet; the internet is not restricted, and this makes the process vulnerable to outside intervention. Other data processes are done in the public domain. The public domain is not secure; data and information processes that are carried out over the internet make the work processes risky, and the information communicated can be hacked.

Technology Risks

Every organization must embrace technology. Technology in the organization helps to make work processes easier, but technology is a risk to organizational data and information in several ways. For instance, if employees are not conversant with the technology being used, their lack of proper knowledge gives hackers a better chance to access information without authority. Technology as an invention has the risk of failing at times, and all organizational data and information is handled through technology. Failure of the technology used to handle data makes it easy for hackers to access the information, or for the same information to get into the public domain.

External Risks

Apart from the internal risks in the organization, there are external risks that make data and company information easy to access without authority. Hackers might impersonate citizens who have requested private investigation and gain entry to the organization system without authorized access. Service providers also pose a risk to the organization: hackers may identify weaknesses in the systems provided, or they may impersonate the service providers to gain entry to systems which they do not have permission to access.

Classifying Risk

Risks to organizational data and information are either internal or external. All the entities in the organization fall under internal risks, while the rest are classified as external risks. People, processes, and technology are internal risks, while weather and all other external entities that affect the organization are external risks.

Countermeasures

There are internal and external risks to the organization, and countermeasures must be employed to minimize both. Countermeasures the organization should employ include:

Penetration Testing

Countermeasures that have been put in place must be tested to understand whether they are working properly. Every countermeasure must be tested as a demonstration that it is penetration proof.

Deploying Security Models

Security models are employed to ensure the organization's data and information is secure. There are several security models that are deployed to ensure data and information is secure from unauthorized access.

Additional Security Mechanisms

Additional security measures must be employed to ensure data and information is secure from unauthorized access.

Recommendations

Appendix A: Security Models


I. Bell-LaPadula
a. Origins of Model
b. Characteristics of Model
c. Key Features of Model
II. Biba’s Strict Integrity Policy
a. Origins of Model
b. Characteristics of Model
c. Key Features of Model
III. Clark-Wilson
a. Origins of Model
b. Characteristics of Model
c. Key Features of Model
IV. Chinese Wall
a. Origins of Model
b. Characteristics of Model
c. Key Features of Model
V. Clinical Information Systems Security
a. Origins of Model
b. Characteristics of Model
c. Key Features of Model
VI. Noninterference Security
a. Origins of Model
b. Characteristics of Model
c. Key Features of Model
VII. Deducibility Security
a. Origins of Model
b. Characteristics of Model
c. Key Features of Model
VIII. Graham-Denning
a. Origins of Model
b. Characteristics of Model
c. Key Features of Model

Appendix B: Business Case for (Insert the name of your organization and make sure this is
on its own page)
I. Overall Organization Security Posture
a. Pre-Breach Posture
b. Pre-Breach Risks
c. Post-Breach Posture
d. Post-Breach Risks
II. Security Mechanisms Recommendations
III. Implementation Plan
a. Step 1 (add steps as needed and add a name to the step)
IV. Security Objectives

a. Confidentiality
b. Integrity
c. Availability
