Military Gives External Media Devices Marching Orders
Dec 10, 2010 12:55 PM PT
In the wake of Pentagon-based U.S. Army Pfc. Bradley Manning's leaks of thousands of files from SIPRNET -- the Defense Department's internal version of the Internet -- to Wikileaks, all branches of the U.S. Armed Forces are ordering troops to stop using portable or removable media.
The move comes after Pentagon officials reviewed various ways to foil Wikileaks, mostly by removing removable media. Problem is, by waylaying Wikileaks, the Armed Services may be hampering their own missions.
"Users will experience difficulty with transferring data for operational needs which could impede timeliness on mission execution," the order notes.
What's more, criticism is growing that the government isn't doing nearly enough to staunch the potential flow of classified information.
Access Review Essential
"Reports indicate that the Pentagon has immediately taken steps to disable drives that would allow users to record and remove data," said Kurt Johnson, vice president of strategy and corporate development at Courion. "But a Pentagon spokesman has said that officials are not yet reviewing who has access to data. It is absolutely crucial that access policies are defined, verified and enforced in order to safeguard critical data."
Such safeguards will likely only represent the start of a daunting task.
"The WikiLeaks debacle will force the Department of Defense to rethink computer security procedures and change their policies, but in a revolutionary way," said Darren Hayes, a computer forensics and security professor at Pace University's Seidenberg School of Computer Science and Information Systems.
Revolutionary or not, those policy changes should include "identity and access management systems synched up with security information and events management software and data loss prevention tools to monitor who has access to key applications and what is being done with that access," Courion's Johnson told TechNewsWorld.
"The Pentagon likely knows which of its data stores are most sensitive, but there is a need to create access intelligence -- an understanding of who has access to that data and whether what's being done with it is inconsistent with normal activity," he explained.
Media and Morale
Defense Department officials have long debated whether access to everything from USB drives to social media should be allowed or restricted, Seidenberg's Hayes told TechNewsWorld.
"There have been numerous problems with secrets being linked through social media and compromises with USB devices well before WikiLeaks," he said.
Yet with morale at stake, little action has ever materialized.
"Many have argued that it is important for military personnel stationed abroad to have access to technology that facilitates communication with family," Hayes explained.
The morale argument, however, falls short for George Calhoun, executive-in-residence at the Stevens Institute of Technology Howe School of Technology Management, whose son is an infantry officer stationed in Afghanistan.
Armed forces personnel "follow a number of instructions" that greatly reduce their contact with the outside world, he told TechNewsWorld.
"I don't know exactly the routes he travels, or details of his missions," added Calhoun, an information architecture and wireless communications expert who cofounded InterDigital Communications Corporation. "But my son and his fellow soldiers are conditioned to function under these circumstances, so I don't think loss of certain media devices will impact their morale."
Enforcing the order shouldn't be difficult either, Calhoun explained.
"Unless you're listening privately to a Lady Gaga CD or something, you cannot use these devices without detection, especially on the military's current networks," he said. Calhoun was also chairman of Geotek Communications' joint venture with the Israeli government's Rafael Armament Development Authority to develop secure fleet radio communications.
By shutting down so much troop-accessible media, the U.S. Armed Forces will doubtless be criticized for overreacting. After all, the Pentagon's computers weren't hacked, and the information Wikileaks received was turned over, voluntarily, by a renegade armed serviceman.
Or so it appears -- but appearances can be deceiving, reminds author and executive consultant John Mariotti, a former president of both Rubbermaid Office Products and Huffy Bicycle, who started his career as a codesigner of the AUTOVON, a super-secure U.S. military phone system built to survive nuclear attacks.
Although Wikileaks did not directly attack the DoD's computer network, Manning's leaked documents about conflicts in Iraq and Afghanistan do represent what Mariotti calls "a modified form of cyberattack: 'cybersnooping.'"
Wikileaks also took advantage of a flaw in the government's network security, albeit a human-driven flaw.
"The U.S. government uses two different computer networks: NIPRNET, which is analogous to the Internet we all know and use; and SIPRNET, a secure network separated from NIPRNET by an 'air gap,' which means that no physical connection between the two exists," said Mariotti.
Ironically, "SIPRNET was designed for such high-security personnel access, it was not protected with a high security system," he explained. "Allegedly, a private first class 'bridged the air gap' with an external memory device -- maybe a USB thumb drive -- in such a way that material could be copied and then retransmitted."
The military is right to be worried particularly about thumb drives, "the easiest, smallest way to either download or upload something," Mariotti said. "For malware and stealing data, they are small, easy to conceal, and cheap."
All this talk of cybertheft and malicious Internet intent reminds Mariotti of the plot of his recently published thriller, The Chinese Conspiracy, which contains numerous elements of the unfolding Wikileaks scenario and warns against the very real dangers of cyberskullduggery.
"How is Wikileaks any different from the attack that stole the plans for the U.S. Air Force F-35 Joint Strike Fighter?" he asked. "If hackers and cybercriminals can hack into the U.S. Army's systems and access battlefield plans -- which they did in 2008 -- then what is secure any more?"