ISR News: Marine One Security Breach

March 1, 2009 by ADMIN
Share |

Updates:  Marine One Breach Has Winners and Losers

Excerpts From The Raw Story

A Pittsburgh-area company that monitors peer-to-peer networks accessed with file-sharing software like LimeWire and Napster says it has identified a potentially serious security breach involving Marine One and an IP address in Tehran, Iran.

The company found a file detailing the helicopter’s blueprints and avionics package, which it then traced to its original source, Tiversa CEO Bob Boback told NBC affiliate WPXI, which reported the story Saturday.

Retired Gen. Wesley Clark, an adviser to Tiversa, said he knows exactly which U.S. computer leaked the Marine One information, and that that person may soon be unemployed, according to WPXI.

“I’m sure that person is embarrassed and may even lose their job, but we know where it came from and we know where it went,” Clark said, adding that other military information has been found online in the past.

Iran isn’t the only country considered unfriendly to the United States that appears to be accessing sensitive information via the Internet.

“We’ve noticed it out of Pakistan, Yemen, Qatar, and China,” Boback said. “They are actively searching for information that is disclosed in this fashion because it is a great source of intelligence.”

Comments by Laura Wilson

In yet another illustration of the gaps in the data access chain, we learn that the specs for President Obama’s helicopter have been compromised. Lord knows who else has the schematics.

We don’t know where our sensitive information is, who has it, or what they’re doing with it.

We don’t know what else is out there.

Here’s what Charles Cooper at CNET has to say about the discovery of the breach:

Tiversa, headquartered in Cranberry Township, Pa., reportedly discovered a security breach that led to the transfer of military information to an Iranian IP address, according to WPXI. The information is said to include planned engineering upgrades, avionic schematics, and computer network information.

The channel quoted the company’s CEO, Bob Boback, who said Tiversa found a file containing the entire blueprints and avionics package for Marine One.

“What appears to be a defense contractor in Bethesda, Md., had a file-sharing program on one of their systems that also contained highly sensitive blueprints for Marine One,” Boback told WPXI.

Tiversa makes products that monitor the sharing of files online. A representative for the company was not immediately available for comment.

Boback believes that the files probably were transferred through a peer-to-peer file-sharing network such as LimeWire or BearShare, then compromised.”

RawStory quotes Wes Clark on the breach:

“Retired Gen. Wesley Clark, an adviser to Tiversa, said he knows exactly which U.S. computer leaked the Marine One information, and that that person may soon be unemployed, according to WPXI.

“I’m sure that person is embarrassed and may even lose their job, but we know where it came from and we know where it went,” Clark said, adding that other military information has been found online in the past. ”

(Disclosure: I love Wes Clark. I’ve never met him, other than being at a luncheon with Wes and a couple hundred other people when I did much volunteer work for his presidential run. But like Eric Shinsheki and Richard Clarke, the man had the cojones to call bull to power when he saw a fatal flaw. I’m betting that we see Wes up on The Hill -At least I sure hope so.)

I have nothing to add, at this point, about the gravity of this information security gap. I note, again, that this endemic failure to protect our information assets is a huge and, until recently, unrecognized threat. I am hopeful that we will now turn appropriate attention to finding and fixing the infosec holes.

Laura is a business consultant and an advocate for information security, consumer protection, long-term shareholder value, and better management decisions. Her specialty is finding and fixing risks and threats to sensitive data. Her experience includes international banking, credit card, and mortgage companies, venture capital portfolio companies, and software and technology providers. She practiced law in Silicon Valley during the tech boom and meltdown, handling corporate governance and information protection.

The Author gives permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author and to Information-Security-Resources.com

These icons link to social bookmarking sites where readers can share and discover new web pages.
  • TwitThis
  • LinkedIn
  • Google Bookmarks
  • Digg
  • StumbleUpon
  • YahooBuzz
  • del.icio.us
  • Wikio
  • Propeller
  • Facebook
  • MySpace
Share |


Filed under: Breach, Class Action Lawsuit, D&O Liability, Financial, Government, ISR News, Insider Threat, Military, Uncategorized, hackers, malware, national security 

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Comments

One Comment on ISR News: Marine One Security Breach

  1. Marine One Breach Has Winners and Losers « Your Mortgage or Your Life… on Sun, 1st Mar 2009 7:39 pm

    2. [...] information had made its way as far as an ISP address in Tehran, Iran: ISR News — A Pittsburgh-area company that monitors peer-to-peer networks accessed with file-sharing [...]

Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!