Friday, September 12, 2014

USIS 2014 State Sponsored Cyberattack?

USIS 2014 Cyberattack ---
tags: data breach, government targeted, state sponsored attack

 Experts who have reviewed the facts gathered to-date believe it has all the markings of a state-sponsored attack.

25,000 workers August 6, 2014 USIS 2014 Cyberattack USIS announced it was hit by cyberattack that compromised the files of 25,000 Homeland Security workers. “Our internal IT security team recently identified an apparent external cyber-attack on USIS’ corporate network. Experts who have reviewed the facts gathered to-date believe it has all the markings of a state-sponsored attack. The US government announced it will no longer renew contracts with USIS which was the largest background check provider of the U.S. government. USIS has also been slammed for vetting Aaron Alexis, the Washington Navy Yard shooter who killed 12 people, and Edward Snowden, the government contractor who leaked classified information on U.S. electronic surveillance.

*Reference

https://en.wikipedia.org/wiki/USIS_(company)

USIS (company)

From Wikipedia, the free encyclopedia
USIS is a private company that conducts background checks. Its corporate headquarters are in IdylwoodVirginia, near Falls Church, in Greater Washington, D.C.[1][2] It conducts background checks through contracts with the United States Office of Personnel Management (OPM). As of June 2013 it had 100 federal contracts, and it does background checks for over 95 federal agencies.[3] As of 2013 the company was the largest background check provider of the U.S. government,[4] and by September 2014 had more than 6,000 employees worldwide.[5] USIS is a part of Altegrity Inc., a company headquartered in the Falls Church area that is owned by Providence Equity Partners.[4]

History[edit]

USIS was founded in 1996 after the investigative branch of the OPM was privatized.[3] Its creation was due to an effort of Vice President of the United States Al Gore's effort to reduce the size of the civil service. Originally known as U.S. Investigations Services Inc.,[4] it was at first an employee-owned company. Around 2000 the Carlyle Group invested in USIS and in 2003 Welsh, Carson, Anderson & Stowe committed capital to them. In 2007 Carlyle announced that it would sell USIS to Providence Equity Partners, a private equity firm, for US$1.5 billion.[6] In the fiscal year 2012 the company received $253 million for the contract work of the OPM, 67% of the OPM's contract spending for the fiscal year.[4]

Aaron Alexis background check[edit]

In 2007 the firm conducted a background check[7] on Aaron Alexis, who has been accused of killing twelve people at the Washington Navy Yard on Monday, September 16, 2013.[8] According to media reports, Alexis was given "secret" clearance after being vetted by USIS.

Edward Snowden background check and investigation[edit]

In 2011 the firm conducted a background check on Edward Snowden, who leaked classified documents in June 2013.[3] On Thursday June 18, 2013, the Subcommittee on Efficiency and Effectiveness of Federal Programs and the Federal Workforce and the Subcommittee on Financial and Contracting Oversight, both of the U.S. Senate Homeland Security and Governmental Affairs Committee, held a joint hearing.[9] Michelle B. Schmitz, the assistant inspector general for investigations, testified that USIS had been under a federal investigation since late 2011, stating that it involves a "complicated contract fraud case."[9] Patrick McFarland, the OPM inspector general, did not reveal the reason for the investigation of USIS, and stated that USIS's security clearance check for Snowden may have had faults.[3]

USIS response to accusations regarding its Alexis and Snowden checks[edit]

In a September 8, 2014, media release, the company insisted that, despite being "the target of inaccurate and misleading public allegations," USIS is a responsible government contractor. It labeled as myth reports that USIS botched its background checks of Aaron Alexis and Edward Snowden, calling the claim "absolutely false." The company asserted that "OPM confirmed in sworn testimony before Congress on February 11, 2014 that the investigative file compiled by USIS on Aaron Alexis 'was complete and in compliance with all investigative standards.'" USIS also said it followed all OPM-mandated procedures and protocols in its background investigation of Edward Snowden. The company further clarified that it "does not grant security clearances and plays no role in making those determinations." The decision to grant or renew a clearance, said USIS, "is the sole responsibility of the federal government agency that requested the background investigation."[10]

Fraud investigation and charges[edit]

In June 2013 the office of Senator Claire McCaskill stated that USIS was "under active criminal investigation".[9] A statement from USIS stated that it was unaware that it was under criminal investigation.[9] It added that "USIS complied with that subpoena and has cooperated fully with the government's civil investigative efforts".[11] USIS, as the government's No. 1 provider of background checks for the United States, earned $253 million in awards this year alone.[12]
On January 23, 2014, the U.S. Department of Justice filed fraud charges against USIS. The suit was originally filed by a long time USIS employee, whistleblower Blake Percival. The suit, United States of America, ex rel Blake Percival vs USIS alleges that beginning in at least March 2008 and continuing through at least September 2012, USIS management devised and executed a scheme to deliberately circumvent contractually required quality reviews of completed background checks in order to increase the company's revenues and profits. USIS responded that the faulty checks "relate to a small group of individuals over a specific time period."[13]

Cyber attack[edit]

On July 7, 2014, the company said it was hit by a cyber attack prompting the US government to suspend its work with the firm. Experts who have examined the hack "believe it has all the markings of a state-sponsored attack," but did not detail possible suspects.[14][15]

OPM drops USIS[edit]

On September 9, 2014, the OPM confirmed it would not renew any of its contracts with USIS upon their expiration at month's end. USIS said it was "deeply disappointed with OPM's decision," which affects 3,000 employees handling a caseload that averaged about 21,000 background checks a month for total fees of $320 million during the last fiscal year.[16]






  • *Sources











  • www.startribune.com/politics/national/274548521.html

    Star Tribune




  • Cyberattack hit major security clearance contractor WASHINGTON — The federal Office of Personnel Management plans to terminate its massive contracts with USIS, the major security clearance contractor that was targeted last month by a cyberattack, agency, congressional and company officials said Tuesday. The computer network intrusion compromised the personal files of as many as 25,000 government workers. An OPM official said Tuesday that agency officials decided not to renew USIS contracts. USIS also vetted Aaron Alexis, the Washington Navy Yard shooter who killed 12 people, and Edward Snowden, the government contractor who leaked classified information on U.S. electronic surveillance.






  • Government to drop background check firm USIS after ...

    www.scpr.org/.../government-to-drop-background-check-firm-usis...

    KPCC
    2 days ago - USIS was targeted in August by a cyberattack that compromised the files of 25,000 Homeland Security workers. The FBI is investigating.









  • usis comments on recent self-reported cyber-attack on ...

    usis.com/Media-Release-Detail.aspx?dpid=151

    FALLS CHURCH, VA, August 6, 2014 — US Investigations Services, LLC (USIS) ... identified an apparent external cyber-attack on USIS' corporate network.







  • USIS COMMENTS ON RECENT SELF-REPORTED CYBER-ATTACK ON CORPORATE NETWORK


  • FALLS CHURCH, VA, August 6, 2014 — US Investigations Services, LLC (USIS) today issued the following statement:
    “Our internal IT security team recently identified an apparent external cyber-attack on USIS’ corporate network. We immediately informed federal law enforcement, the Office of Personnel Management (OPM) and other relevant federal agencies. We are working closely with federal law enforcement authorities and have retained an independent computer forensics investigations firm to determine the precise nature and extent of any unlawful entry into our network.

     Experts who have reviewed the facts gathered to-date believe it has all the markings of a state-sponsored attack.

    “Cybercrime and attacks of this nature have become an epidemic that impacts businesses, government agencies, and financial and educational institutions alike. The protection and safeguarding of our networks, our data and the data of our customers is always of the utmost importance, and we have invested heavily in security measures. Our systems and people identified this attack, and, in response, we are working alongside OPM, the Department of Homeland Security (DHS) and federal law enforcement authorities in redoubling our cyber security efforts. We are working collaboratively with OPM and DHS to resolve this matter quickly and look forward to resuming service on all our contracts with them as soon as possible. We will support the authorities in the investigation and any prosecution of those determined to be responsible for this criminal attack.
    “Given the involvement of law enforcement and the active nature of this investigation, we cannot provide any additional information at this time.”
    About USIS
    USIS is the largest commercial provider of background investigations to the federal government. It has more than 5,700 employees providing services in all 50 states and U.S. territories and overseas. USIS offers a variety of adjudication support, including background checks, investigative analytics and biometric services, as well as customized solutions that help government clients manage litigation support requirements, records management  and automated information management services. Learn more at www.USIS.com.






  • USIS Suffers Cyberattack, Costing It Some Government ...

    online.wsj.com/.../usis-suffers-cyberattack-costin...

    The Wall Street Journal
    Updated Aug. 6, 2014 6:51 p.m. ET ... USIS said it is cooperating with the investigation into the cyberattack. Neither USIS nor federal officials would immediately  ...









  • Controversial Background Check Contractor Tries to 'Set the ...

    www.govexec.com/contracting/...set.../93479/

    Government Executive
    4 days ago - USIS in August suffered a cyber attack that prompted stop-work orders from DHS and the Office of Personnel Management. In addition, its  .




  • No comments:

    Post a Comment