National Security & Defense

The OPM Hack and Obama’s Politicization of the Federal Bureacracy

OPM director Katherine Archuleta testifies on Capitol Hill in June. (Chip Somodevilla/Getty)

By now, it’s clear that hackers — believed to be tied to the Chinese government – stole files from the Office of Personnel Management that amount to a giant “how to blackmail anyone in the federal government” manual. This was America’s “cyber 9/11,” exposing an administration full of true believers in the expansion of government who can’t handle the most basic tasks of secret-keeping.

How does a government failure so consequential — a foreign power accessing 18 million confidential records, including the intimate personal details of federal workers’ infidelity, drug abuse, and personal debts uncovered during the background-check process for security clearances — happen?

For many Obama critics on and off the Hill, the answer lies in a troubling pattern of incompetent management from Obama appointees selected more for their political loyalty than for their expertise, skill, or leadership abilities.

RELATED: Why Are We Ignoring a Cyber Pearl Harbor?

Before becoming the head of OPM, Katherine Archuleta had no background in the kind of work the agency does. Archuleta, a lawyer and former Clinton administration official, was national political director for President Obama’s reelection campaign. She served as the chief of staff to Secretary of Labor Hilda Solís, and was the City of Denver’s lead planner for the 2008 Democratic National Convention. Like the president, she has roots in “community organizing”: She co-founded the Latina Initiative, a Colorado organization aimed at getting more Hispanic voters involved in politics. (In 2011, the Latina Initiative suspended its operations, citing insufficient funding.) Nothing in this record suggests any expertise in the vitally important human resources and record-keeping functions OPM is supposed to serve.

Before the hack, Archuleta’s primary goals at OPM appeared to be increasing the diversity of the federal workforce and implementing Obamacare’s changes to federal workers’ health-insurance options.

Her July 2013 confirmation hearing was brief and relatively controversy-free. Senator Mark Udall, (D., Colo.), introduced her and declared, “she has an impressive range of accomplishments that make her completely, totally well-qualified to be director of OPM.”

Archuleta mentioned her determination to “build on OPM’s health care experience” including “implementing its provisions of the Affordable Care Act.” She did say she would “prioritize the improvement of the agency’s Information Technology systems” and pledge to create the position of Chief Technology Officer, but that came in the context of a discussion on OPM’s difficulty in moving to a digital system for handling retirement services for federal workers. The topic of cyber security only came up during a brief discussion of whether OPM had sufficiently skilled personnel in that area.

RELATED: Want to Read Hillary’s E-mails? Ask China

She was confirmed 62 to 35, but most of the Republicans who voted ‘no’ said their objection was not with Archuleta herself but with the Office of Personnel Management deciding that members of Congress were not, in fact, required to enroll in the exchanges under Obamacare — an interpretation most Republicans saw as an unfair exemption that was contrary to the law’s text.

Upon her arrival in the post, she was touted by the Obama administration as “the first Latina Director” of OPM. The White House website declared, “Katherine shares President Obama’s vision for diversity and inclusion in the federal workforce” and added, “OPM has recognized and acknowledged the underrepresentation of Hispanics in the federal work force, and the potential and talent they have to offer.” Information technology and cyber-security were not mentioned.

“The complex and important work of government requires a diverse and inclusive workforce that is representative of the many important perspectives, talents, and backgrounds of our great nation,” Archuleta declared upon taking her post. “I am committed to building a diverse and inclusive workforce to serve the American people.”

RELATED: America’s Ongoing Era of ‘Ineptocracy’

While Archuleta, the administration, and its allies were busy hailing a new era of diversity in the federal government, OPM’s apparently long-standing cybersecurity vulnerabilities remained unattended. Slate has noted that OPM knew as early as 2013 that “sensitive data was not secured” and “security measures were not even tested to make sure they worked.” Worse yet, the agency “was unsure even of how to fix these problems,” and hadn’t fixed them as recently as this past April, years after the system had been repeatedly breached.

When news broke of the first of those breaches, in early 2014, Archuleta went so far as to insist in public that there was nothing that needed fixing.

In March 2014, OPM became aware of a partially successful Chinese hack into its systems. On July 9, 2014, the New York Times reported that “Chinese hackers in March broke into the computer networks of the United States government agency that houses the personal information of all federal employees, according to senior American officials, targeting the files on tens of thousands of employees who have applied for top-secret security clearances.” Officials quoted in the story said the hackers gained access to some of OPM’s databases before federal authorities detected the threat and blocked them.

RELATED: How Much Worse Can the Chinese Data Hacking Get?

Archuleta was quick to downplay the breach, declaring in a July 21, 2014 interview with Washington’s ABC affiliate that, “We did not have a breach in security. There was no information that was lost. We were confident as we worked through this that we would be able to protect the data.”

This was America’s “cyber 9/11,” exposing an administration full of true believers in the expansion of government who can’t handle the most basic tasks of secret-keeping.

Even now, as the full extent of OPM’s security failures is slowly beginning to come into public focus, Archuleta has barely backed off that stance. She repeatedly told the House Oversight and Government Reform Committee two weeks ago that she couldn’t say if any non-personnel information was lost in the 2014 hack.

Her answers under oath in front of the Oversight Committee two weeks ago left Republicans and even some Democrats convinced she either knows exceptionally little about the state of her agency’s cyber-security or she’s comfortable lying about it, insisting that breaches aren’t really breaches and that obviously insecure systems are secure.

Representative Ted Lieu of California, a Democrat on the Oversight Committee, told Archuleta and her staff he was looking for “a few good people to step forward, take responsibility and resign for the good of the nation.” So far, he’s found no takers.

RELATED: Obama Needs to Respond to the Chinese Government Hack — and All Their Other Provocations, Too

“Since 2007, the OPM Inspector General has continuously pointed out serious deficiencies in OPM’s cybersecurity posture. OPM’s response has been glacial,” wrote Rhode Island Democrat Jim Langevin, a member of the House Committee on Homeland Security’s cyber-security subcommittee, in a statement calling on Archuleta to resign. “While I appreciate that Ms. Archuleta inherited a difficult situation, her first budget request continued to reflect the status quo even as the OIG’s warnings continued.”

Langevin said cyber-threats can’t be solved, only managed, but admonished Archuleta for treating the difficulty of that task as an excuse for not developing “a risk-based cyber strategy.” He concluded, “I have seen no evidence Ms. Archuleta understands this central principle of cyber governance, and I am deeply concerned by her refusal to acknowledge her culpability in the breach.”

RELATED: Cybersecurity Incompetence Pervaded Obamacare’s Rollout, Long Before China’s Recent Cyberattack

Jason Chaffetz (R., Utah), the chairman of the Oversight Committee who, like Langevin, has called on Archuleta to resign, was more heated in his criticism. “[The breaches were] not dealt with, and you were misleading, and went on television and told all the federal employees, don’t worry, no information was lost,” he told Archuleta. “You failed, utterly and totally.”

As a result of that failure, millions of federal workers have had their personal information stolen, putting them at risk for identity theft, blackmail, and worse. That’s something no workforce diversity initiative can correct.

—​ Jim Geraghty is the senior political correspondent for National Review.

Most Popular

Politics & Policy

Hillary Ruins the Plan

Editor’s note: Andrew C. McCarthy’s new book is Ball of Collusion: The Plot to Rig an Election and Destroy a Presidency. This is the first in a series of excerpts.  There really was a collusion plot. It really did target our election system. It absolutely sought to usurp our capacity for ... Read More
World

The End of Hong Kong as We Know It

The protests in Hong Kong have been going on for more than four months now, and no matter how the current crisis concludes in the coming days or weeks, it will mark the end of Hong Kong as we know it. The protests started in response to an extradition bill that was proposed by the city’s Beijing-backed ... Read More
Culture

An Insider’s Guide to Italian Insults

The tragicomic irony of Chris Cuomo’s pugilistic outburst earlier this week — cursing and physically threatening a man for taunting him with a reference to the movie The Godfather — is that the CNN anchor reinforced the usual tropes about Italian Americans. We are all wise-guys, goons, and Mafiosi, just ... Read More
Religion

Another Pop-Culture Christian Loses His Faith

It’s happened again. For the second time in three weeks, a prominent (at least in Evangelical circles) Christian has renounced his faith. In July, it was Josh Harris, a pastor and author of the mega-best-selling purity-culture book I Kissed Dating Goodbye. This month, it’s Hillsong United songwriter and ... Read More
Elections

A Brief History of Election Meddling

Editor’s note: Andrew C. McCarthy’s new book is Ball of Collusion: The Plot to Rig an Election and Destroy a Presidency. This is the second in a series of excerpts. ‘The 1980s are now calling to ask for their foreign policy back.” Thus spoke President Barack Obama just a couple of weeks before ... Read More