Former Director of the CIA General Michael Hayden, speaking at a The Wall Street Journal-sponsored event about the recent hack of the U.S. Office of Personnel Management, said Chinese hacking of U.S. government records is “honorable espionage work” of a “legitimate intelligence target.”“This is a tremendously big deal,” he said. “My deepest emotion is embarrassment.”Beijing has officially denied responsibility for the attack, which yielded what could be one of the biggest and most valuable troves of U.S. data ever stolen. But according to cyber security experts, all signs point to Chinese hackers or even, as Hayden asserted in his presentation, the Chinese state. Wisely and clearheadedly, he doesn’t blame the Chinese for the success of their cyber offense, but emphasizes instead the failure of America’s cyber defense. More:
“To grab the equivalent in the Chinese system, I would not have thought twice. I would not have asked permission…This is not ‘shame on China.’ This is ‘shame on us’ for not protecting that kind of information.”The White House hasn’t said how many records were compromised, but it is expected to have been millions of files dating back more than a decade.
Hayden’s stance is notable especially in contrast to recent reports of how the White House was viewing the breach as late as Friday:
At the White House, officials said that Mr. Obama was weighing the use of an executive order he signed in April that allows the Treasury secretary to impose sanctions on individuals or groups that engage in malicious cyberattacks, or people who benefit from them.
“This newly available option is one that is on the table,” said Josh Earnest, the White House press secretary.
Presumably cooler heads in the intelligence community echoed sentiments similar to Hayden’s to President Obama, as we haven’t heard much about the use of retaliatory sanctions since last week. But at the same time, we can’t blame the White House for being angry and trying to come up with some response. Much like when your home has been broken into, a hack feels like a violation, and brings feelings of helplessness. Hopefully, the vast scope and the potential repercussions of this breach will focus bureaucratic brains in Washington on beefing up the cyber defenses of our critical government systems. And then, perhaps, they can turn their minds even more seriously on all the other vital infrastructure out there that can be compromised.This is unfortunately a struggle without end, less like an unwinnable war than like a human body fighting off viruses that are constantly finding new weaknesses in us. It is impossible to completely harden the defenses of systems that grow more complex with each passing year as technology gallops on. The only solution is to be constantly aware of the threat, and to be vigilant.And to remember that even the most competent security measures can be circumvented using age-old techniques: