[kasey_junk]

Isn't that what this article is about? We are pretty certain that this was an act of espionage by another nation state. Criminal investigations are not how you respond in those cases (unless we found the agent on our soil, which AFAIK we did not).

What is curious is that we aren't sure what the norms are for how to respond to cyber espionage, unlike with in person espionage which had a whole set of responses we could fall back on.

[pasbesoin]

Criminal negligence?

Certainly, negligence that should incur public disgrace.

Also arguably demonstrating one of the points made by the whistleblowers: You can't trust the government to properly manage all the information they collecting.

[irq-1]

This isn't negligence. Instead of trying to protect data and networks the US government has made "cyber crime" a military issue. They've been doing it deliberately and publicly, for over a decade. Domestically they followed the same plan: companies get protection (financial, legal, image,) discouraging them from taking security seriously, and individuals get the CFAA which has a similar effect. They want data and network security to be a military problem, not to encourage security.

We can't blame the OPM for the security issues. They were a victim of a bad national strategy.

If you "see something, say something" unless its about cyber security.

[pasbesoin]

Purposeful negligence?

It should be prosecuted, in the court of public opinion if no one will bring it to a judicial court.