Security Breach at US Security Contractor USIS Went Undetected for Months

A cyber-attack at top US government security clearance contractor USIS went unnoticed for several months, raising serious questions about the company’s credibility and integrity. Sources close to the ongoing FBI investigation told The Associated Press that the network intrusion was similar to an earlier cyber-attack by Chinese government-backed hackers.

Although both USIS and the US government are yet to officially link China to the attack, sources privy to the investigations indicated the attack was state-backed. In an interview, the assistant director of the FBI’s cyber division, Joseph Demarest, said “there is some attribution” as to who was responsible for the “sophisticated” attack against USIS, but did not divulge the identities of the culprits. “We’re still working through that as well,” he said.

The breach compromised internal records of over 25,000 employees of the US Department of Homeland Security (DHS) and cost USIS hundreds of millions of dollars in lost government contracts. DHS immediately issued a “stop-work order” preventing information flow to USIS.

The Office of Personnel Management (OPM) also suspended its working relationship with USIS, a step the company said was taken “out of an abundance of caution.” OPM later failed to renew its $230 million background checks contract with USIS. The move by government agencies to sever working relations with USIS has caused massive layoffs at the company.

Recently, USIS has been at pains to explain how the detection alarms in the company’s systems failed to catch a network intrusion that went on for months. A government task force investigating the hack, in an attempt to identify the perpetrators and the scale of the stolen information, also raised concerns of negligence on the part of federal agencies that contracted USIS without close monitoring practices.

Predictably, a computer forensic analysis consultancy hired by USIS cleared the government contractor of any wrongdoing in handling the breach. According to the forensic team, USIS was the first to announce the breach. Furthermore, government agencies contracting with USIS regularly reviewed and approved the company’s early warning systems, implying they were equally culpable for the failure to detect the network intrusion. The consultants further criticized the government for suspending its contracts with USIS.

In a separate private analysis, Stroz Friedberg, a digital risk management firm, certified that USIS had government-approved “perimeter protection, antivirus, user authentication and intrusion-detection technologies” that could have easily detected the breach, raising more eyebrows as to how the intrusion went undetected in such a fortified network.

The sustained breach called into question the credibility and capacity of USIS to vet US government workers for crucial security jobs. To many, the possibility that the USIS computer network is vulnerable to cyber espionage undermined the integrity of the system used to conduct background checks of over 4.9 million government workers and contract employees.

“The information gathered in the security clearance process is a treasure chest for cyber hackers. If the contractors and the agencies that hire them can’t safeguard their material, the whole system becomes unreliable,” said Alan Paller, head of SANS, a cybersecurity training school, and former co-chair of DHS’ task force on cyber skills.

Last month, the US Senate Homeland Security and Governmental Affairs Committee grilled DHS and OPM on how they handled the security breach at USIS. Sen. Jon Tester expressed his fears that USIS was not able to “maintain a modern, adaptable and secure IT infrastructure system that stays ahead of those who would attack America’s national interests” as expected of all federal agencies and government contractors.

In relation to the breach, the Government Accounting Office (GAO) prompted Homeland Security to re-evaluate a $200 million contract with USIS. GAO advised the agency to shift its contracts to a rival firm, FCi Federal, a suggestion that never sat well with USIS.

Recently, Congress has criticized USIS for failing to do a good background check on former NSA contractor Edward Snowden and on Aaron Alexis, a military contractor employee who went on a killing spree in Washington last year.

Lawrence Mwangi

Lawrence is a technology and business reporter. He has freelanced for a number of tech sites and magazines. He is a web enthusiast with a special interest in online security, entrepreneurship and innovation. When not writing about tech, he can be found on a tennis court or at a chess board.