ADM Mike Rogers, the US Cyber Command Commander and Director of the National Security Agency, stated the millions of personnel data records stolen in the OPM breach will be used in big data analytics to determine both nation state and criminal cyber attacks (emphasis added):
Additionally, nation states and criminal groups are gathering up vast amounts of data and analyzing it to identify “insights about people as individuals,” Rogers said.
The goal is “to tailor products in the form of emails, that seem to you as a user so appropriate that you would receive it, [and suspect] it’s from somebody I know. It’s a topic that I really care about. It’s an issue that I’ve been really focused on for a long time,” the four-star admiral said.
Those custom-tailored emails are designed “as a vehicle to actually get you to open an email, click on an attachment, click on a video link.”
“Perhaps [it’s] unrelated that in the last nine months I am watching huge spear phishing campaigns coming out of several nations around the world directed against U.S. targets,” Rogers said, adding that the big data cyber attacks and the increase in spear phishing attacks are “not unrelated to me.”
Only a few years ago, intelligence and cyber security officials tended to focus on the potential theft of intellectual property, as well as research and development information, that could provide market advantages.
“And we really hadn’t come to a conclusion that perhaps not only is that of concern, but you combine the power of Big Data analytics, and the fact that today, the ability to bore through huge amounts of data and find seemingly disconnected and unrelated data points and bring coherent meaning and insight, [is] something that wasn’t there in the past,” Rogers said.
As a result of the trend in cyber attacks over the past two years involving large-scale downloads of personal data and personnel information, the Pentagon has shifted the focus of its cyber defenses and now regards Big Data as a major new target.