Skip to main content

Flash Audit Alert - Archuleta actually gonna kick Big Blue out of .GOV?

The era of Big Government is... our era. By some estimates 40 million people work for it either directly or, more commonly, indirectly. It's just about 20% of the US national workforce. Not that you'd ever be able to calculate the leviathan by looking at Federal OPM numbers because they only count the direct employees - one's that have a paycheck cut from the treasury that says Federal Employee on it. But of course there are tens of millions more who work for the Federal Government - how many millions? About 21.5 Million. That's what Wired says anyway and it's so cute the way they phrase it:
"That breach affected some 21.5 million people—not only federal workers but friends, family members and others who were interviewed over the last twenty years for security clearance applications."
Umm, no, not "friends, family members and others" but contractors, off the books, Federal employees. One of the good things to come out of the recent OPM Cybersecurity Incidents is that it gives the American voter an accurate idea of how many people the Federal Government actually employs. WaPo is a little more honest than Wired:
"Sensitive information from at least 15 years of background investigations of 21.5 million employees, contractors and job applicants seeking security clearances, and their families, had been snatched. That was in addition to another theft, which seemed huge when it was first revealed on June 4 — personal data on 4.2 million employees,  including Social Security numbers. There was some overlap in the information compromised in each of the breaches."
I sincerely doubt they kept the "job applicant" info in the same database as the actual employees and contractors. And the term "some overlap" is ambiguous at best - outright deceptive in it's phrasing and implications.

The fall gal for this cybersecurity breach is political hack Katherine Archuleta who had no business running a mammoth Federal agency but was good at following orders and giving the current administration Hispanic props (old world, colonial Hispanic that is). There's been a lot of focus on what Archuleta didn't do to secure personnel files of Federal employees but according to her there's really no one to blame except the thieves themselves. She explained it all to Congressional oversight in June after theft #1 (the 4.2 Million):
“This is decades of lack of investments in systems that I inherited,” Archuleta responded.
She noted that even total FISMA compliance – an area with which OPM struggled – might not have guaranteed safety from a breach.
OPM’s vulnerability could not be attributed to any one person, Archuleta claimed, though she did assign guilt for the breaches.
“If there’s anyone to blame, it is the perpetrators,” she said.
But at OPM, “I don’t believe anyone is personally responsible,” Archuleta stated.
Translation: My department want's to spend more money. We are not compliant with the Federal Information Security Management Act of 2002 and you can't you blame us, just look at all the crap you've got to implement (And that 2002 is not a typo - the law has been on the books for 13 years - THIRTEEN YEARS PEOPLE!). There is no personal responsibility which is, of course, absolutely true of OPM as it is with every Federal Agency in the Administrative State. Kate Archuleta doesn't know how to secure employee data - hell, she probably doesn't understand a thing about IT infrastructure and security and she wasn't appointed to implement any of that FISMA gobbledygook. She was appointed to award contracts baby, and those contracts are to go to "friends" of the administration. So let's look at what Archuleta DID do.
"Our primary concern is that the OCIO has not followed U.S. Office of Management and Budget (OMB) requirements and project management best practices. The OCIO has initiated this project without a complete understanding of the scope of OPM's existing technical infrastructure or the scale and costs of the effort required to migrate it to the new environment.
In addition, we have concerns with the nontraditional Government procurement vehicle that was used to secure a sole-source contract with a vendor to manage the infrastructure overhaul. While we agree that the sole-source contract may have been appropriate for the initial phases of securing the existing technical environment, we do not agree that it is appropriate to use this vehicle for the long-term system migration efforts."
So Archuleta awarded a sole-sorce contract to some company ("which one?" you might ask and good luck finding the answer) and that contract "involves hosting OPM systems in two commercial data centers" ("what data centers?") and will have "no mainframe or legacy applications". Which means kicking out established vendors with Big Government contracts - Green Field my friends, no legacy infrastructure at all and THAT is what SHE did. Putting aside the fact that her department could not implement security measures that have been implemented by other agencies over the past decade and that mainframe computers are the most secure IT environments available there is the fundamental question of why OPM keeps all this info in one place so that if some Chinese hacker were to get access they would be able to get ALL the sensitive info on ALL government employees.  Oops! Sorry you pasty faced saps, but you probably voted for this hope and change in '08 and '12 so blame the perpetrators - I know you won't blame yourselves.




Comments

Popular posts from this blog

The Real Story with Gretchen Carlson

She was "sexy", but "too much hard work." I'm a regular Fox & Friends viewer (mostly in protest of the other insipid morning programs like Today and Good Morning America) so over the years I've gotten to know Gretchen Carlson pretty well. Stuck between Steve and Brian she always seemed a prudish scold with an irritating, self-righteous demeanor that I simply put up with because I figured some people in the Fox audience actually liked her persona. It was obvious that Steve and Brian did not, but they were stuck with her like so many talking heads and had to make the best of it - which they did. Besides, she was no worse than any of the other women on morning show TV - I mean, you're only going to find a certain kind of person to do this kind of work and that kind of person is the Gretchen Carlson kind. Then, one day, she was gone and replaced by Elisabeth Hasselbeck and the F&F ratings began to climb, and climb and climb - in two months view...

The Pop-Tarts Bowl: Frauds v. Fakers

In the Techno-Fascist Imperium the "Holidays" festivities start on Columbus Day, when the Halloween candy pops up, and end New Years Day with college football Bowl games, black-eyed peas and collard greens. To be clear, the Imperium doesn't celebrate Columbus Day, au contraire, the Indigenous Peoples' Day psyop has been pushed hard by the IC for the past 50 years of failure but the candy... THE CANDY. This year's IPD got turned up to eleven when the colonizers of America's 51st state got kidnapped, raped and murdered by some indigenous maniacs on Sukkot 10/7 and, as a result, soured the festive '23 Holiday mood. Hey, we soldiered on, as it were, and kept on celebrating while the world burned: Halloween - Big for children and weirdos. Thanksgiving - Focus on God, country and family. Hannukkah - Jewish assimilation. Xmas - Santa Claus and gifts. Kwanzaa - Black Lives Matter. I'd call them Happy Holidays if it wasn't  a neo-Nazi dog whistle  to vocal...

Summer of the Jackals

In the spring of 2021 I had a near death experience when my Chevy Silverado loaded with 30 cases of wine was rear-ended at 50mph  by a young lady who was texting-while-driving at 9:30 AM. Her Mercedes sedan flashed in my driver side mirror a moment before impact and that microsecond of awareness gave me just enough time to pull my foot off the break and jam the gas so when she plowed into my trailer hitch the impact met no resistance and launched my truck across the road and into the woods. I had stopped in the road, left blinker signaling, waiting for an oncoming pickup truck to pass and, by the grace of God, it did pass me just as the distracted driver in the mirror slammed into my flashing taillight. Everyone walked away from the crash with no serious injury but if the impact had transpired 2 seconds earlier it would have been a “Road Warrior” bloodbath of terror and death. When I stepped out of my vehicle and looked through the roadside trees I had miraculously missed hitting i...