Has anyone come across any information which might suggest the general flaw in the SIPRNET terminal that led to the situation in which we currently find ourselves? Presumably one can’t just download these files off the private network onto a USB key and upload them to Wikileaks.
So how is it alleged that Mr. Manning (or whoever is responsible) got the vast amounts of data from the private secure system into the wild?
I found a bit more info but it doesn’t really explain how the system could be so easily defeated.
(12:26:09 PM) bradass87: lets just say someone i know intimately well,
has been penetrating US classified networks, mining data like the ones
described… and been transferring that data from the classified networks
over the “air gap” onto a commercial network computer… sorting the data,
compressing it, encrypting it, and uploading it to a crazy white haired
aussie who can’t seem to stay in one country very long =L
Source: http://www.dailytech.com/UPDATE+ManningLamo+Chat+Logs+Released+Lamo+Claims+Wikileaks+Betrayal/article18841.htm
According to news reports, Pfc. Manning allegedly burned the information onto compact discs, thereby evading a security loophole. The U.S. military document detailing the charges against Manning does not provide specifics, except that he allegedly put classified information onto a personal computer. source: Military Leaks: SIPRNet Under Scrutiny - WSJ
They had an interview a few months back on NPR with someone that had spoken with Manning before he was arrested (I think it might’ve been the guy that turned him in, actually). Apparently Manning would bring a Discman with a CD in it that said “Backstreet Boys” or whatever, and then just burn the data onto the disk and walk out with it.
Not sure of the technical details of how easy or hard it is to copy files off a classified server, I doubt the Pentagon would say. Obviously it’s not that hard though.
The flaw that you’re talking about is human, not technical. Think of our information systems like any of our weapon systems–perfectly safe usually, but vulnerable to misuse and mistakes by people.
I’ve had access to classified information for the last fifteen years, and have had hundreds of opportunities to do bad things with it (through several different methods), but I’d never do anything like that–it’s insanely stupid, and several other adjectives which belong in the Pit. Unfortunately, there are dirtbags out there that think otherwise, and you can only guard against that behavior so much.
I don’t think that’s right. If you assume that anytime someone walks off with classified information, it’s a “human error” then there isn’t really any point in having security at all. Thousands of people have access to the SIPRNET network; basically depending on the honor system to keep thousands of relatively young, low-ranking soldiers and gov’t workers from spilling the beans is a security flaw.
As the OP suggests, it seems likely that the security flaw here was allowing low-level intelligence workers the ability to copy files out to standard CDs.
Also worth noting that Manning apparently would’ve gotten away with it if he hadn’t been turned in by a hacker he’d confessed to. That suggests that not only did the system allow him to make mass copies of databases onto generic CDs, but that the system didn’t raise any red flags when he did so or make it easy to backtrack and see which user had made said copies.
The human component is, more often than not, the weak link in InfoSec. A certain amount of trust has to be given to the data user in order for the data to be… well… used. You can gather classified data in your head and leak it (although it will usually lack a level of data integrity by that means).
Having worked in SIPRNet world and other “classified” (US government “classified” and business-world “classified,” as “classified” is not a classification in its own right), I can say that many/most of these net-attached systems have allowed (and currently do allow) for the use of removable storage media. DoD regs not long ago allowed the use of USB storage again, for example. Network Attached Storage (NAS) is nothing new, either. There are ways… including the ubiquitous printer.
Call it what you want. But you must enable low-ranking individuals to leverage the information, and use it. You contend that there should be safeguards in place to keep those individuals from burning CDs. I’m not going to get into what capabilities exist for transferring files, but the bottom line is that it is often necessary to move files around, even for low-ranking people. It is not necessarily a “flaw.” It’s a known risk. And keep in mind that we are not hemorrhaging classified information.
Your solution doesn’t work, because you must allow access to the information, and there is always a way to get the information out, if that’s your goal. If you want 100% guaranteed security, the only way to achieve that is to deny any access at all. So yes, it’s a trust game, enforced by the UCMJ. Sometimes we get burned by it, but for the most part, it works.
ETA: I won’t even get into the inherent problems of trying to figure out who is “low ranking” and who isn’t, and how that concept is, IMO, flawed–anyone can compromise the system, no matter the rank.
That’s stupid. The low level person shouldn’t have access to information to copy it in the first place. If the information is so critical, why are you letting a low level peon access it? Why are you letting him bring in CDs in the first place?
And there’s no reason a truly secure system needs to use the normal method of transferring files. You could, for example, automatically use a file format that can’t be read on home computers, or, better yet, actually encrypt all data that’s being transferred. If your system is set up well, then every computer on the system (and only those) should be able to decrypt it.
As for not being able to figure out who has clearance for what: that again is a flaw in the system. There’s no reason not to have clearly defined levels.
Yes, there will always be a hacker that is smarter, but that’s no reason not to cover up the obvious holes that are already there.
I have worked on a variety of secured systems for many years. None of them use anything other than normal COTS (common off-the-shelf) software for their main applications. Things like Windows, and Microsoft Office. They use these because they are cheap in bulk, and people are familiar with them, so training costs are minimal. And they provide no data or application level security (as opposed to general file and network security) features at all. Text can be cut and pasted from High to Low security contexts without warning if the user has access to both. Emails are not secure at all. Unless you use some very expensive and hard to use software, files can be moved from location to location with no restrictions. It is hard to restrict access to USB devices, and such devices can be moved out of a secure environment in a pocket. Encryption only covers storage and wire transfers - if you want to use the data, it will be decrypted at the client end, and it is then insecure. And wide-scale encryption is really hard to implement and manage without eventually ending up with some data that no-one can get to because keys have been lost or expired.
Eventually someone will write a secure data-context aware office suite (probably using LibreOffice as a base and running on a locked down Linux variant with security contexts, and an audited office data storage backend). But getting major departments to move to such a system will be resisted on cost/training. Until then, it is mostly only the co-operation of the users that prevents more data leaks. It is considered cheaper and easier to deal with this at a human factors level than paying to solve the problem at a technological one.
They were saying on the Beeb this morning that 2.5 million people had access to this information - including soldiers on the ground in Iraq. If this is true it’s clearly a matter of time before it leaks. Seems a bit bonkers.
The UK paper, the Guardian, has a few more specifics:
A few important things to remember are that 1) PFC Manning was an MI soldier whose job was to deal with and have wide access to intelligence reports and information, more so than most other service members aside from general officers; 2) since this did involve SIPRNET, he was likely working from a command center-type setup that had rows of computers and work stations, so that it would be harder to peek over his shoulder and much easier to blend in, particularly if he just minimized the window which displayed the file copying and worked on another document; 3) Soldiers and other service members or DOD civilians are not required to empty their pockets or go through metal detectors when simply entering an area in which classified materials are being worked on or seen. Some places, aside from security measures that only allow people in with a certain badge and passcode, just have signs that say that cellphones are not permitted beyond a certain point. Even then, there aren’t detectors that sound an alarm should someone bring in a cellphone that still has its battery in it - let alone a rewritable CD.
That’s absurd. There are a lot of “low level” personnel who require access to information. Hell, administrative support staff usually have access to more info than damn near anyone.
Agreed, that’s totally ridiculous. Clearance is a function of the job, not the individual or the individual’s rank. If that person passes a background check and is granted a clearance, then he’s entitled access (commensurate to the level of the clearance and iaw need-to-know) if that’s what his job requires.
I agree with most of what you say, but not sure about this–I’ve never encountered that, as there’s always been the protection of the air gap.
hijack: Given what the public knows of SIPRNET, would it likely have been a trivial task to figure out who the source of the leak was as soon as the major releases started coming out? Clearly there were not ‘alarm’ systems to raise red flags that so many records were being accessed, but surely a simple search of who accessed these records in conjunction with the others could have been run and found the guilty party overnight?
Thus the question becomes, given Manning’s technical prowess, wouldn’t he have almost certainly known there was no way to leak this stuff anonymously?
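The two checks the thread keeps coming back to, a red flag for bulk access and an after-the-fact search of who touched the leaked records, sketched as an added example that is not part of the original discussion. The log layout, user names, record IDs and threshold are constructed assumptions and say nothing about how SIPRNET actually records access.

```python
from collections import defaultdict
from statistics import median

# Constructed sample audit log: (user, record_id, day). Not real data.
def build_sample_log():
    log = [("analyst_a", "R001", "2010-01-04"), ("analyst_a", "R010", "2010-01-04"),
           ("analyst_b", "R002", "2010-01-05"), ("analyst_b", "R003", "2010-01-05"),
           ("analyst_b", "R011", "2010-01-06"), ("analyst_c", "R004", "2010-01-06")]
    # One user pulls 40 records in a single day, including every leaked one.
    log += [("analyst_d", f"R{n:03d}", "2010-01-07") for n in range(1, 41)]
    return log

SAMPLE_LOG = build_sample_log()
LEAKED = {"R001", "R002", "R003", "R004", "R005"}  # constructed set of published records

def rank_by_leak_coverage(log, leaked):
    """After the leak: rank users by the fraction of leaked records they accessed."""
    seen = defaultdict(set)
    for user, record, _day in log:
        if record in leaked:
            seen[user].add(record)
    ranked = [(user, len(recs) / len(leaked)) for user, recs in seen.items()]
    # Highest coverage first; ties broken by name so the output is stable.
    return sorted(ranked, key=lambda item: (-item[1], item[0]))

def bulk_access_alerts(log, factor=3.0):
    """Before the leak: flag user-days whose distinct-record count
    exceeds `factor` times the median across all user-days."""
    per_day = defaultdict(set)
    for user, record, day in log:
        per_day[(user, day)].add(record)
    baseline = median(len(recs) for recs in per_day.values())
    return sorted(key for key, recs in per_day.items() if len(recs) > factor * baseline)

if __name__ == "__main__":
    for user, coverage in rank_by_leak_coverage(SAMPLE_LOG, LEAKED):
        print(f"{user}: accessed {coverage:.0%} of leaked records")
    print("bulk-access alerts:", bulk_access_alerts(SAMPLE_LOG))
```

Both checks depend on per-user access logging existing in the first place, and the coverage ranking narrows the field rather than naming a culprit when many accounts legitimately read the same records.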
It’s the SIPRNET terminal that’s classified. There is no “area”. On my last deployment, we had a dozen laptops on SIPRNET in our work tent. Pretty typical; multiply that by thousands of locations in an AOR (Area of Operations). You have access cards, logins, and passwords to actually get on the system. You had one laptop for access to unclassified networks and one for SIPRNET alongside.
A major problem was that everything you did or sent on SIPRNET was CLASSIFIED. Even the most mundane crap. And you had to send it to everyone because you couldn’t print it out (in most circumstances) and USB sticks/HDs were verboten or highly restricted. Massive data production.
The guy burned stuff on CDs, definitely a failure mode. Someone (way up) decided that CD/DVD would be the only mechanism to transfer between classified and unclassified systems.
Everything I’m reading says that Manning talked about the leak and his confidant turned him in. I think he would have gotten away with whistleblowing if he wasn’t such a fucking idiot.