US Counterintelligence czar tells hack victims: “raise shields” against spearphishing
Ars Technica 2015-09-09
WASHINGTON–In a presentation at the Intelligence & National Security Summit here today, the Director of the National Counterintelligence and Security Center (NCSC) announced a "new counterintelligence campaign" focused on reducing the potential security damage done by the Office of Personnel Management data breaches. Called Know the Risk, Raise Your Shield, the campaign's opening salvo is a pair of spear-phishing awareness videos, urging people not to click on those links.
"There have been just over 500 breaches so far this year, some of which made the news," said NCSC director Bill Evanina. "And 47 percent of adult Americans have been the victim of a breach in the last three years. That data is an opportunity for criminals, but it's also allowed foreign intelligence to collect information about government employees, contractors, and their families."
The Office of Personnel Management breach alone, he said, had exposed at last measure the data of over 22 million people, including some who had merely applied for government employment or contract work in the last 10 years. "That puts them in a vulnerability bracket they've never been in before," Evanina said.