Chinese Compiling "Facebook" of US Government Employees

schwit1 writes: According to private security firm CrowdStrike's founder, Dmitri Alperovitch, the Chinese are compiling a massive 'Facebook' like database on American federal government employees for use in espionage and blackmail. The data was stolen from high profile attacks against the U.S. Office of Personnel Management, as well as intrusions into the Anthem and CareFirst BlueCross BlueShield health insurance networks. "That can now be used to embarrass you publicly and force you to work for the Chinese government," Alperovitch says. "It's, in effect, a private version of Facebook with much more detail about your life than even Facebook has that the Chinese now have access to."

Facebook database

[JazzXP]

As opposed to a regular database...

Re:

[cfalcon]

Facedabase?

Where's beef?

[Anonymous Coward]

TFA claims that Chinese is compiling a facebook of US government employees

TFA links to an article on Washington Times http://www.washingtontimes.com... [washingtontimes.com] , which said that according to Fox News, a guy, with the name of Dmitri Alperovitch, claims that China is compiling a MASSIVE facebook-like database of US government employees

Fox News article ( http://www.foxnews.com/politic... [foxnews.com] ) carries a similar claim

Where's the beef?

Neither of the three articles (Slashdot, Washington Times and Fox News) bother to provid

Re:

[aNonnyMouseCowered]

Yes, because if you have nothing to hide ... nevermind

Re:Facebook database

[subreality]

As opposed to a regular database...

Yes, a Facebook database: a database of your personal information, created without your informed consent, collected from sources you didn't realize would share it, and which gives you no control over how it may be used against you in the future.

Re:

[Rayting]

So... Can I play FarmVille on it?

Re:

[JWSmythe]

database, dossier, file, list... anything would have been more accurate than "facebook". Hell, even if they compared it to Wikipedia, it would have been more accurate.

Facebook is full of user supplied information. The others are collections of information by 3rd parties. Maybe they were hoping for the keyword "facebook" to get their story more traffic. It got them here, so that should be good for at least a couple dozen clicks. That's the number of daily Slashdot users now, right?

Re:

[Hognoxious]

Brought to you by schwit1 & samzenpus. Were you expecting anything better?

Re:

[JWSmythe]

Sadly, no...

those Crazy Chinese

[turkeydance]

Facebook proves embarrassment will fail.

NIH syndrome

[Curate]

Why don't they just use actual Facebook for this? Lots of people have been publicly shamed through Facebook, to the point of losing their careers, their marriages, or even committing suicide.

Re: NIH syndrome

[Type44Q]

The key word is "publicly."

Re:

[drinkypoo]

Why don't they just use actual Facebook for this?

Because the US gov't might get a little upset about Zuckerface selling them that level of access to the failbook database.

Re:

[flink]

Because if you publish everything peremptorily, you lose the opportunity to use the threat of revealing it as leverage against your target.

facebook, not Facebook

[Flaggday]

They're using the pre-2004, non-proper-noun sense of "facebook".

Huh?

[Ol Olsoc]

In general, embarrassing personal information is already known by the government, because you already told them. This story makes kinda no sense. So the Chinese are going to bribe you with already known things?

Re:

[Tirian]

Just because the government knows you cheated on your wife (because it came up in your background clearance check) does not mean that your wife knows. This is leverage.

Re:

[Ol Olsoc]

Just because the government knows you cheated on your wife (because it came up in your background clearance check) does not mean that your wife knows. This is leverage.

Considering the divorce rate, not very good leverage

Re: Huh?

[Type44Q]

That would depend entirely on the effectiveness of the prenup...

Re:

[ShanghaiBill]

That would depend entirely on the effectiveness of the prenup...

If you are working as a GS-9 in some government bureaucracy, you don't have enough assets to bother with a prenup.

Re:

[TsuruchiBrian]

Well given that about 70% of Americans (men and women) have cheated on their partners, and the number of people that have actually committed treason against the United States is a much smaller percentage (far less than 1%), I'd say that your claim that cheating on your partner implies a willingness to be disloyal to your country is about as false as any claim can be.

That's like saying being a non-virgin implies that you are willing to be a rapist. The facts simply do not support these claims.

Re:

[Pluribus]

Just because the government knows you cheated on your wife (because it came up in your background clearance check) does not mean that your wife knows. This is leverage.

I used work at such a place. If it came up during a background check that you were having an affair, they would call both you and your wife into the security office and tell the person with the clearance, "you tell them or we will". They cared less about what you did and more for if you could be blackmailed for it.

Re:

[meadow]

In San Francisco [cbslocal.com] it doesn't matter. They've already sold out.

Re:

[AHuxley]

Re "embarrassing personal information is already known by the government, because you already told them."
Its not the classic negative human traits that all skilled foreign intelligence operations and espionage hope to uncover.
The US and UK now offer their staff better wages and living conditions to stop just that kind of easy temptation by all foreign intelligence operations.
The negative worked well in the 1920-60's when US/UK mil/gov wages where low and any extra cash would help a lot on average as a gi

Re:

[AHuxley]

AC re "As if money isn't an incentive. Even relatively small amounts can buy information."
If a person is going to sell information, they will want or need to spend that extra cash is strange ways.
That character or lifestyle change is one of the most easy traits for the US gov to track in todays digital world.
Facial recognition via public-private partnerships, collecting all internet use, averaging out payments and cash flow over all gov/mil staff watching for slight extra spending changes.
Colleagues out

Jokes on them.

[trout007]

I'm already embarrassed working for the US government.

Re:

[LessThanObvious]

So, they mean to blackmail people using information their employer already knows? Good luck Chinese. The government officials that aren't already getting busted for smoking crack, taking bribes, sending dick pics or banging tranny-hookers just don't have much to hide. On the upside maybe the government will finally understand why privacy matters.

The real risk I see with the amount of info known about Americans and government employees is that any real adversary can not only attempt blackmail, but kidnap or

Business As Usual

[EEPROMS]

I'm surprised how this is actually news, every government keeps dossiers on foreign government officials in a database. There have been reports of nefarious web crawling data collecting networks for years, many tracked back to government owned networks. Do you think the personal data the FBI gets from prosecuting hackers is actually thrown away, no they add it to their database.

Re:

[bob_super]

News! Breaking News! The Chinese PLA has plans drawn up describing how to nuke major US cities!

Re:

[TheGratefulNet]

and the chinese SLA are still out looking for whatever happened to this mystery person known as Tania...

Re:

[cold fjord]

I'm surprised how this is actually news, every government keeps dossiers on foreign government officials in a database.

It's a little different when the foreign government steals the adverse data from your government so they (foreign government) can use it against you.

It is also a little different when the data stolen covers millions of employees over decades and involves some of the most intimate personal data.

And this is before anyone uses that treasure trove of data to perpetrate massive financial fraud and theft.

Remember when people used to post how they wanted to see their own government crippled and impotent, and that

Re:

[TheGratefulNet]

(Oh, and now it turns out Chinese agents take people against their will (dissidents, others) out of many countries.)

no worries. they bring them back an hour later.

btw, I've had chinese take-out many times. ain't no big thing. just watch out for the fried stuff. and make sure that the lo mein is in there; they shorted us on lo mein, last time.

Re:

[jbmartin6]

The news is this is a 'Facebook', which means the original author had some axe to grind with Facebook so made a meaningless comparison. Probably didn't hurt that it would attract clicks. Who knows, maybe the first draft just said database and some clever editor told him to go back and call it a Facebook.

Stupid summary

[rahvin112]

There is nothing in what the Chinese have stolen that isn't already known by the government and hence has no blackmail value. The first time they try to blackmail someone with that information the person attempting to do it will be arrested on the second contact.

Christ, they could get more detailed personal information from the actual facebook than what they stole. It's hidden stuff like Ashley Madison that could cause someone to be susceptible to blackmail, not publicly known information from a government

Re:

[TsuruchiBrian]

I think it's very plausible that you might tell your doctor that you have not been monogamous or that you have hired prostitutes or used illegal drugs, etc. These are all things you can be blackmailed with.

Granularity

[Trachman]

Truth is that up-to-date, accurate and detailed, organizational structure of army or other organization that participates in national defense is a prized reference tool useful both in peace and in a war time. Many of the organizations take extra precautions to distort, obfuscate real org chart and to hide key areas, such as communications/network, nuclear etc.

If enough time and efforts are invested all the org charts can be recreated, however in reality, due to the resource limitations only generals and top-lieutenants are in a typical org tree. Chinese made their own life easier since they have now a significant details and granularity of the information. Be sure that selected individuals will be targeted for intelligence and recruitment operations.

Time to pay attention

[ncmathsadist]

America has tolerated too many belligerent cyberattacks from China and Russia. It is time to draw on the computing talent in this country to create a counterinsurgency against these agents and to deal with them straight-on. Enough.

Re:

[fustakrakich]

The secret of our success is that it's secret. Showing our 'failures' is the better distraction.

Re: Time to pay attention

[Anonymous Coward]

We are all too busy making it look like our attacks originate from Russia or China.

"Top secret security clearance"

[AHuxley]

Its not "staggering" given the access demands needed to find and upgrade contractors and skill sets needed for US global mil operations.
"Top secret " details placed in a simple, readable, network facing database in plain text.... ?
Great for finding needed no bid contractors via a cloud..
Any other US mil or gov sector would have kept its own data secure, encrypted and not on the public facing 'net'
Why was this done, when was it done and what was allowed to drift out in plain text?
Plain text letters of

Bingo book

[hackwrench]

In Naruto, they call it a Bingo Book.

Re:

[drinkypoo]

In Naruto, they call it a Bingo Book.

In the real world, they call it a dossier file. Calling it a facebook is idiotic. It's a dossier file database. Guess those words are too big for the general public. Guess what DICE considers us? Besides [dairy-like] cattle, here to be milked?

Re:

[mrchaotica]

Besides [dairy-like] cattle, here to be milked?

Oh, so you're the AC who keeps posting about that!

Re:

[drinkypoo]

Oh, so you're the AC who keeps posting about that!

If I thought you were a bunch of cows, I'd say so without all the mooing.

Do you seriously expect us to believe this BS ..

[nickweller]

"According to private security firm CrowdStrike's founder, Dmitri Alperovitch, the Chinese are compiling a massive 'Facebook' like database on American federal government employees"

Re: Do you seriously expect us to believe this BS

[Type44Q]

Are you a complete idiot (no, really)? You've utterly failed to get the point: This claim isn't dubious or far-fetched in the slightest; rather, it's completely fucking redundant (virtually all nations do this) and this isn't even remotely newsworthy.

Re:

[CanadianMacFan]

I think that the only dubious part of the claim is calling Facebook like. States have been collecting information about the people involved with other states for as long as there have been states. It's only recently that they've been able to greatly expand the number of people included and the amount of information contained.

Re:

[coofercat]

Yeah, I believe it. In fact, as a Top Security Consultant myself*, I'll give you a quote:

"$country Compiling "Facebook" of $other_country Government Employees"

Where $country may possibly even be equal to $other_country, and both can be picked from this list: http://www.listofcountriesofth... [listofcoun...eworld.com]

* that statement is probably no more true than any of CrowdStrike's credentials, but I've got products and services for sale ;-)

Xenophobic much?

[fragMasterFlash]

I don't know which bothers me more, xenophobic headlines on the front page of /. or xenophobic US presidential candidates.

Re:

[CanadianMacFan]

How about how many votes the xenophobic US presidential candidates get?

In Soviet America...

[Irate Engineer]

...Facebook compiles you!

Ok, so...

[multimediavt]

Ok, so they've got this super secret info from a government employee database and some medical records, maybe? And? How is this supposed to be something to worry about as far as national security threats go? The info was in an HR database, so the government already knows about that info, and with the possible exception of STDs and maybe psychiatrists what on earth could be used in the medical records to blackmail anyone? On top of that, it's only federal government employees, and only a subset of those. So

Re:

[TsuruchiBrian]

People don't get STDs in monogamous relationships. Part of dealing with an STD is figuring out how you got it, who you got it from and who you maybe gave it to, and that is all stuff you may have told your doctor if you want good healthcare. The reason medical record are confidential is because honesty is crucial to good healthcare. Have you not seen House?

Re:

[TheGratefulNet]

Have you not seen House?

is that the one that the Romani went to?

Re:

[multimediavt]

You can get herpes from a drinking glass. You can get AIDS from infected blood. The chances are small, but STDs can infect healthy monogamous people. Watch less TV and read more!

Re:

[TsuruchiBrian]

You can get herpes from a drinking glass

You can get HIV from hunting primates in Africa. I am not talking about what can and can't be reasonably be inferred from knowing someone has an STD. I am saying that the actual reasons for why they have those STDs are likely to be in their medical records, and lots of that information can be used to blackmail those people.

Watch less TV and read more!

I actually don't watch TV at all. It was a joke. Furthermore, what you read matters. This idea that reading text is inherently better than listening to speech, is nonsense. Watching a go

Re:

[CanadianMacFan]

Well, the HR info would let them buy credit history and other such information so you would know who was having financial difficulties and might be able to be bought.

Medical records might contain information concerning addictions which could be used against them. Either with the addiction itself (giving them drugs or sending them on gambling vacations) or financially. If someone was having, or recently had, a major medical condition such as cancer then they might be having financial problems. There are p

Re:

[multimediavt]

Well, the HR info would let them buy credit history and other such information so you would know who was having financial difficulties and might be able to be bought.

Medical records might contain information concerning addictions which could be used against them. Either with the addiction itself (giving them drugs or sending them on gambling vacations) or financially. If someone was having, or recently had, a major medical condition such as cancer then they might be having financial problems. There are plenty of ways to coerce someone. The more information that you have the more likely you will find that method.

Anyone with a security clearance (even low level clearances) have to have clean credit histories and have annual drug tests to maintain them. Your examples work for extorting money from individuals in non-classified positions in the government, not compromising national security. You also watch too much TV if you believe otherwise. The data stolen from OPM was for non-classified government employees. I can assure you that any post breach investigation would have found any possible soft targets and the probl

Re:

[CanadianMacFan]

Not every breach is for national security. A lot of espionage is for business reasons and you don't need to go after the people with very high security clearance for that.

And I don't know how the US does their security clearance. I've had two levels of clearance in Canada (the highest being Secret which can take up to six months for them to investigate) and I know that my credit history would have been part of that examination. However at no time did I have to have a drug test. Now that was a while ago

Re:

[AHuxley]

Re: "Ok, so they've got this super secret info from a government employee database and some medical records, maybe? And?"
Any contact attempt will be well tracked by domestic efforts like the NSB ie all fake SS numbers, work, projects, letters all set, waiting for contact.
What was really readable on open, unencrypted, networked computers by the US gov as plain text lists to be found in the wild?
So the super secret part is really in doubt or is a created mix to test networks.
How much would the OICI nu

Re:

[multimediavt]

As you mentioned any follow up investigation of the people that had their data stolen would identify any possible soft target and it would have been taken care of within a few weeks, i.e., the person would be moved out of their current position or would have been made to clean up whatever actionable info was on their record or be dismissed. As for the "super secret" remark, I was being sarcastic as the data that was stolen from OPM was of non-classified employees to begin with. I know many people that hold

The best ad in that webpage was for Facebook

[mnemotronic]

After scrolling past ads for Chinese testosterone, Chinese intelligence booster pills and a database of sex offenders living in by basement, I finally made it to the "meat" of the advertisements, errrr, story - An ad suggesting that I join Facebook.

URL ?

[randalware]

I need access to update my status.

And I want to look around it for the best places to work.

fewest psychopath in management.
quiet working environment.
best area to live in.
not using Windows.
relaxed dress code.

thanks for your interest,
please "like" my page

And that was a bad picture of me

[Trax3001BBS]

Didn't care for it on my badge as it was.

hahaha good one

[einar.petersen]

I really like the phrase using information to force people to work for the Chinese government. And the collecting government i.e. not the Chinese but the American government was going to use said "embarrasing" information for what ? Why would they be collecting "embarrasing" information in the first place. Everyone really should get over themselves thinking their particular government are the good guys. Politics is and has always been nothing but a dirty game of chess to retain or attain power. Loosing

What's the difference?

[bickerdyke]

So how is this different from the "facebook-like" database US agencies are creating on the Chinese government employees? (Assuming they're doing their job right)

Or is someone really surprised that Chinese intelligence is doing their job?

And why not enrich this data by actual facebook data? If someone you know works for the gouvernment "friends" his colleagues on facebook, they don't need to give their employer there explicitly.

We're doing it too, right?

[sabbede]

I mean, I sure hope we are. It's a damn good idea.

We should also probably steal theirs so we have an idea who China might be going after.

I've wanted this for a while.

[moeinvt]

It will be awesome if they make it readable to the whole world. Would also be nice if they added wiki features so that we could do our best to help keep it up-to-date.
These federal aholes know every last detail about us. It would be poetic justice if their detailed personal information was available for our perusal. Perhaps the Chinese managed to acquire that data which was copied from the federal office of personnel management? I want to see names, addresses, photos, work responsibilities, (outrageous)

Lucky For Us!

[BECoole]

Most people in government are democrats. Things you could blackmail a conservative over are points of pride for democrats. :/

Washington Times... What a joke

[Sir_Eptishous]

Other things "You Might Also Like" on the WT page about the Chinese compiling Facbook on US Govt employees:

• Best pocket pistols for self-defense
• Republican debate winners and losers
• 21 best guns for home protection
• Child stars: Then and now
• Quiz: The ultimate NFL trivia challenge - how well do you know your football?
• Best states for concealed carry — ranked worst to first
• Startling Video Could Cause Democrats to Lose White House

It used to be known as HUMINT

[RockDoctor]

... for HUMan INTelligence - the act of collecting information about your opponents, their staff, supporters and minions, that could possibly be of future use to suborn, undermine, influence, control or discourage those people.

Nothing new here - not even storing such information on a database. The Roman Emperors did the same without calling it a database, just calling it "politics".

Re: CLEARLY!

[Type44Q]

Shill, in your inept, unsuccessful attempt at being sarcastic, you've inadvertently done a not terrible job of advocating for privacy.

Thus it would seem that you now owe your fascist masters an apology... and their pocket change back.

Imbecile.