US incredibly vulnerable to cyber attacks: Analyst

Press TV has interviewed Scott Rickard, a former American intelligence linguist, in Florida, to ask for his take on Washington’s accusations of cyber-attacks by China.

A rough transcription of the interview is provided below.

Press TV: Does the US have any evidence to accuse China of this cyber attack? After all, China reacted to previous claims pretty strongly.

Rickard: Well, I think what the US has done is that they have probably tracked back the traffic to specific IP addresses that were potentially downloading files or moving files around. A lot of these types of attacks are typically done by people that work internally. I think it is important to understand the information they are talking about; these are background investigations that are typically done for anyone that has a security clearance and out of the five million or so, only about a million or so have top secret security level clearances and they do a real serious background with the SF86 forms. They started an online program; it is called e-QIP - Electronic Questionnaires for Investigative Processing- and they started that about ten years ago in 2003.

So all of the information is actually stored in databases now, where in fact prior to that, it was done pretty much by documents and they were scanned in. So this information that was taken obviously was taken by somebody; it could have been taken by somebody in China [or] could have been taken by the Chinese government. To be honest with you, the Americans have been very foolish with their data, they have been compromised at STRATCOM, which was a CIA contractor and they indicted that individual and sent him to prison for stealing all the information from a CIA contractor that was pretty much not protecting that data. The fact that this data is accessible is not a surprise to me; you have so many contractors, you have almost as many contractors having top security level clearances as do federal employees. There is only about 600,000 or 700,000 federal employees with top security level clearances and now there is over 500,000 contractors with top security clearances.

So the fact is that this is not a very well-run system at this point; there are too many outsiders in the game; and obviously the government has once again mismanaged a very simple platform in order to keep track of their employees and now five million employees’ potential information has been made available to an external government.

Press TV: Now if this cyber attack proves to be true, how vulnerable does it prove America’s cyber security?

Rickard: Well, it is incredibly vulnerable. You are talking about really unskilled labor in a lot of these positions. There is a lot of individuals who work within the government and are never replaced. They are never challenged with their inabilities to do their jobs and at the same time you have a lot of foreign intelligence individuals who have infiltrated the system over and over again, specifically individuals like Dov Zakheim, who is the senior vice president at Booz Allen Hamilton, which handles a lot of classified information. There are many top security level clearances there and the Office of Personnel Management, to be honest with you, has done a lackluster job; this is not a place where all the best people go. They are going to other more high-level jobs, and so they are not getting the cream of the croft. They probably are getting the lesser capable individuals and it doesn’t surprise me that it was mismanaged. This is a typical government operation. The US government is highly vulnerable.

In fact, the US government is actually highly active in the same type of cyber-threats around the world to other governments. So it is a double-edged sword; who lives by the sword dies by the sword.

Press TV: How much do you think this accusation of a cyber attack is a hoax to give Washington the excuse to launch a cyber war against any country or target it if it deems it necessary?

Rickard: Well, certainly there are hoaxes out there. The fact is that this may or may not be a hoax. If it is, obviously it is a very well-orchestrated one.

To be honest with you the Sony attack, that was kind of a hoax; that was an insider attack to go against North Korea. This one may or may not be a hoax and even if it is, certainly it is a very serious one. It is not an attack like the Pearl Harbor when they talk about these cyber attacks.

The fact is that the US is very foolish to make itself so vulnerable. It is very easy to protect those types of systems; they could have encrypted those systems and encrypted the information and made it much more protected. They should have and it is their own fault because they are letting too many people in and letting too many individuals and contractors have access to this type of information. It has run amok and it is a very lucrative business and it has really gotten out of hand. Because it has become privatized and it doesn’t surprise me that the US is vulnerable and rightfully so, if another country is trying to investigate what the US is up to, they should be able to. Because the US is, at will, going after China, going after Russia, going after Iran, and going after country after country and so, like I said, you live by the sword you die by the sword.

The US better be prepared for sophisticated cyber attacks and individuals looking at their information.

MTM/HJL

Press TV’s website can also be accessed at the following alternate addresses:

www.presstv.co.uk