recommended reading

NATO seeks technology to stem leaks from secret Afghanistan network

Flags fly at NATO headquarters in Brussels.

Flags fly at NATO headquarters in Brussels. // Virginia Mayo/AP

The NATO force that fights Afghan insurgents is installing an anti-leak tool on its secret network, while the Pentagon lags in activating a similar tool on its classified network.

Until now, the International Security Assistance Force, the alliance command in Afghanistan, has had no way of detecting the unauthorized downloading, copying or transmitting of files, according to NATO.

“There is a known lack of information about the data being transferred across and out the ISAF Secret Network from individual systems via removable storage media and through network boundaries,” states a notice about a forthcoming contract award.

NATO intends to launch a McAfee system that can block data sharing through emails, blogs, various segments of the network, as well CDs, thumb drives and other storage devices, McAfee officials said.

The Defense Department has a McAfee product with the same capabilities, but the U.S. military uses it only for monitoring removable drives. The tools for tracking other data transfers essentially lay dormant, McAfee officials explained.

“In this case, NATO is ahead of the U.S. government,” said Tom Conway, McAfee's director of federal business development. NATO’s technology will be able to, for example, identify that a document is for American troops’ eyes only and then block foreign soldiers from opening the file, he said.

The 2009 transfer of thousands of classified materials associated with the Iraq and Afghanistan wars to anti-secrets website WikiLeaks has spurred attempts to conduct employee surveillance governmentwide. It also has sparked a controversy that landed the alleged leaker Pfc. Bradley Manning in jail, perhaps for life, and encouraged his open government supporters to hack other government databases.

“Three years after WikiLeaks hit the press, I would argue they are not much further than they were three years ago,” in preventing unauthorized disclosures, Conway said.

He said one reason America is behind NATO in leak-protection likely is that the surface area of the Pentagon’s network -- up to 5 million devices -- is much larger than the ISAF network -- only 10,000 machines.

NATO expects in December to hire consultants for training alliance technologists on how to operate the McAfee software, the advance solicitation notice states. The Pentagon has spent about $200 million during the past three years for assistance from Northrop Grumman Corp. and McAfee.

As evidenced by NATO seeking expertise for its experts, the McAfee software is difficult to master, Conway said. In the U.S. government, “it’s tough budgetary times and frankly these tools can be rather complex to implement,” he said. The U.S. military is “trying to get the best bang for the buck.” Manning stands accused of capturing files from Defense’s Secret network on a CD -- an offense the Pentagon version of the tool can detect.

During the first half of 2013, consultants will be stationed at NATO’s cybersecurity technical center in Belgium to produce strategies and designs for installation, alliance officials said.

Northrop Grumman spokeswoman Marynoele Benson said her company is reviewing the preliminary request for proposals. “We are currently considering this opportunity and look forward to reviewing the final RFP,” she said.

Defense officials on Thursday said they believe their system still is an important piece of the department’s overall data security strategy that can track and resolve illicit activity, without disrupting information flow.

The tool “minimizes unauthorized attempts to gain access to DoD systems with a long list of proven successes,” Pentagon spokesman Lt. Col. Damien Pickart said. “Tactics and training continue to be a focus area to ensure we are getting the maximum benefits from the technology.”

He added the U.S. military currently is evaluating other products that could work in conjunction with the existing detection system “and improve the overall endpoint security coverage.”

NATO has had its own run-ins with hacker activists. In July 2011, the LulzSec hacktivist collective claimed to have stolen classified data from NATO networks but said it would be irresponsible to release the information. The alliance, however, did confirm a month earlier that probable intruders compromised a public NATO site that sells e-books.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.