Reports from the Obama Administration have suggested that information has been stolen from almost 4 million people in a breach of federal computer networks, one of the largest government data thefts in history. The breach occurred in the Office of Personnel Management which is responsible for security clearances and U.S government employee records.
The breach was detected by the Department of Homeland Security through a system known as Einstein and the F.B.I are conducting investigations in to exactly how and why this breach occurred. It comes in the midst of efforts by the U.S government to improve their data security, following attacks on both the DHS and IRS networks which resulted in thousands of taxpayers' data being compromised. This recent attack has prompted calls for an overhaul and improvement of the current U.S data security system.
Following the indictment of 5 Chinese military officers accused of cyber-espionage, Obama approved a new sanctions' programme which came in to effect in April 2015. The Secretary of the Treasury is now empowered to sanction individuals and groups who attempt to threaten national security, economic stability or foreign policy through cyber hacking. The extent to which the sanctions will be enforced remains to be seen, although it is believed that they will allow the U.S Treasury Secretary in coordination with the Attorney General and Secretary of State to freeze assets and impose prison sentences on those believed to be involved in cyber hacking. The broad reach of the sanctions will also apply to the disclosure or use of secret information in the knowledge that it was stolen through cyber-enabled means or assisting others in conducting cyber hacking. Although the sanctions only apply to cyber hacking of U.S systems, it is believed that it will have a deterrent value in the global market by isolating those who engage in cyber-crime. As cyber hacking becomes increasingly more sophisticated, it poses new challenges to those entrusted with the security of confidential information and reaffirms that cybersecurity must continue to be a top priority.