 |
When a retired 51-year-old military man disclosed in a U.S. security
clearance application that he had a 20-year affair with his former college
roommate's wife, it was supposed to remain a secret between him and the
government.
The disclosure last week that hackers had penetrated a database
containing such intimate and possibly damaging facts about millions of
government and private employees has shaken Washington.
The hacking of the White House Office of Personnel Management (OPM)
could provide a treasure trove for foreign spies.
The military man's affair, divulged when he got a job with a defense
contractor and applied to upgrade his clearance, is just one example of the
extensive potential for disruption, embarrassment and even blackmail arising
from the hacking.
The man had kept the affair secret from his wife for two decades before
disclosing it on the government's innocuously named Standard Form 86 (SF 86),
filled out by millions of Americans seeking security clearances.
His case is described in a judge's ruling, published on the Pentagon
website, that he should keep his security clearance because he told the
government about the affair. His name is not given in the administrative
judge's decision.
The disclosure that OPM's data had been hacked sent shivers down the
spines of current and former U.S. government officials as they realized their
secrets about sex, drugs and money could be in the hands of a foreign
government.
The data that may be compromised by the incident, which was first
reported by the Associated Press, included the detailed personal information on
the SF 86 "QUESTIONNAIRE FOR NATIONAL SECURITY POSITIONS," according
to U.S. officials.
U.S. SUSPECTS LINK TO CHINA
As with another cyberattack on OPM disclosed earlier this month, U.S.
officials suspect it was linked to China, though they have less confidence
about the origins of the second attack than about the first.
China denies any involvement in hacking U.S. databases.
While the Central Intelligence Agency does its own clearance
investigations, agencies such as the State Department, Defense Department and
National Security Agency, which eavesdrops on the world, all use OPM's services
to some degree.
It was not immediately clear how many Americans' information may have
been compromised, nor precisely how many fill out form SF 86. As of Oct. 1,
there were 4.51 million people cleared or eligible to receive national security
information, according to a report by the Office of the Director of National
Intelligence.
Intelligence veterans said the breach may prove disastrous because
China could use it to find relatives of U.S. officials abroad as well as
evidence of love affairs or drug use which could be used to blackmail or
influence U.S. officials.
An even worse scenario would be the mass unmasking of covert operatives
in the field, they said.
"The potential loss here is truly staggering and, by the way,
these records are a legitimate foreign intelligence target," said retired
Gen. Michael Hayden, a former CIA and NSA director. "This isn't shame on
China. This is shame on us."
The SF 86 form, which is 127-pages long, is extraordinarily
comprehensive and intrusive.
Among other things, applicants must list where they have lived;
contacts with foreign citizens and travel abroad; the names and personal
details of relatives; illegal drug use and mental health counseling except in
limited circumstances.
A review of appeals of security denials published on the web shows the
variety of information now in possession of the hackers, including financial
troubles, infidelities, psychiatric diagnoses, substance abuse, health issues
and arrests.
"It's kind of scary that somebody could know that much about
us," said a former senior U.S. diplomat, pointing out the ability to use
such data to impersonate an American official online, obtain passwords and
plunder bank accounts.
SOME AGENCIES LESS VULNERABLE
A U.S. official familiar with security procedures, but who declined to
be identified, said some agencies do not use OPM for clearances, meaning their
employees' data was at first glance less likely to have been compromised.
However, the former senior diplomat said someone with access to a
complete set of SF 86 forms and to the names of officials at U.S. embassies,
which are usually public, could compare the two and make educated guesses about
who might be a spy.
"Negative information is an indicator just as much as a positive
information," said the former diplomat.
The case of the 51-year-old former military man who told the
government, but not his wife, about his 20-year affair came to light when he
filed an appeal because his effort to upgrade his security clearance ran into
trouble.
According to a May 13 decision by an administrative judge who heard his
case, the man revealed the affair in the "Additional Comments"
section of SF 86 in January 2012, ended the affair in 2013, and told his wife
about it in 2014.
"DOD (Department of Defense) is aware of the affair because
Applicant disclosed it on his SF 86; the affair is over; and the key people in
Applicant’s life are aware of it," the judge wrote, according to a Defense
Office of Hearings and Appeals document posted online.
His access to classified information was approved.
Source: Reuters
