The engineering, financial specs, and communications information used on Marine One, President Obama’s helicopter, were leaked over a P2P network to a system in Iran, according to reports. The leak was traced back to a defense contractor in Bethesda, Md.
Marine One info leaked to Iran via P2P network. (IMG: US Air Force/Bobby Jones)
The information was discovered by Tiversa, a company that provides P2P monitoring and protection services to governments, corporations, and even individuals. The company says its technology can monitor over 450 million users issuing 1.5 billion searches a day. While doing routine work in 2008, Tiversa discovered the information and alerted the defense contractor.
Bob Boback, CEO of Tiversa, has said in various interviews that the file with the Marine One details was discovered on the Gnutella network. It is very likely, Tiversa stated, that the contractor didn’t even know it was handing out this type of information.
“Someone installed [Gnutella] and it may have been a buggy client. All it takes is for someone to say, "Hey, do you have anything on this client?" and it gets downloaded. We see 50 of those a day. There was a large publicly traded company which accidentally just disclosed all their forecasts and M&A plans throughout 2009. A person leaked all his files and all his internal e-mail conversations as well as his calendar and all his contact information,” Boback said in a CNET interview.
According to Boback’s interview with WPXI in Pittsburgh, Iran isn’t the only country that is sniffing P2P networks looking for information. “We've noticed it out of Pakistan, Yemen, Qatar, and China. They are actively searching for information that is disclosed in this fashion because it is a great source of intelligence.”
Trolling P2P sites is nothing new; criminals do this all the time. The problem is not that the specs for Marine One were discovered on a P2P network, nor is it that they are in the hands of someone in Iran. The problem is that a United States defense contractor failed to monitor what was installed on its systems.
Contractors, government or not, spend millions on network security. They have to, because with the business they are in, secrets must be kept. How is it that a defense contractor managed to let a P2P client get past the layers of security and traffic monitoring that are supposed to exist?
The contractor who is to blame for this was never named. There is no way to know what measures were in place to protect this type of information. Likewise, even Tiversa admits that they are unsure just how sensitive the information discovered is. For all the public knows, the Marine One specs located are way out of date.
Should the government worry about this type of information leak? Yes, there is simply no reason for it to happen. Defense contractors should be held to the same strict information management practices that government agencies are held to.
Now there is no denying the obvious irony that a company that monitors P2P traffic and security discovered sensitive information. This is a perfect way for them to prove that their solutions hold value. Yet application whitelisting, strict policy enforcement on the systems, and strong DLP measures would do the same trick.
Again, no one knows what value the Marine One specs hold; for all we know, they are outdated and mostly worthless. In addition, no one knows what security measures were in place on the defense contractor’s network.
The solid fact is that something went horribly wrong, and someone is going to lose their job over this.