The Washington Post article "China suspected of breaching U.S. Postal Service computer networks" has some interesting comments and observations that set this breach apart from the usual breach stories.
“They’re just looking for big pots of data on government employees,” Lewis said. “For the Chinese, this is probably a way of building their inventory on U.S. persons for counterintelligence and recruitment purpose.”
Watching Google, Facebook, and Amazon track me moving around the Internet in order to build profiles of me, it would make sense to me for governments to do this too, including foreign governments.
“It’s not all about hackers. Having information about real live people could help them with on-the-ground operations.”
I could see a foreign government targeting disgruntled individuals, individuals who can be bought, individuals they can apply pressure to, naive individuals who can be duped, or individuals who can become unknowing cyber mules giving attackers access to their organization's information systems.
I think we have to assume organized cyber attackers (e.g., governments) are building large dossiers on individuals and organizations using the large amounts of data being continually siphoned out of our networks.
For instance, the U.S. Postal Service, at the request of law enforcement officials, takes pictures of all addressing information from envelopes and parcels.
Having access to that traffic analysis data could be extremely valuable. I'm sure with enough information on USPS employees, attackers can flip at least one postal worker (are there any disgruntled or financially stressed postal workers?) or steal or hijack a postal worker's credentials.
But my favorite quote is:
Still, “it’s perfectly appropriate for us to do everything we can to embarrass and punish the Chinese if they’re in our systems, whether or not we’re in theirs,” said former National Security Agency general counsel Stewart A. Baker.
Yeah, everyone is doing it.