recommended reading

NATO seeks technology to stem leaks from secret Afghanistan network

Flags fly at NATO headquarters in Brussels.

Flags fly at NATO headquarters in Brussels. // Virginia Mayo/AP

The NATO force that fights Afghan insurgents is installing an anti-leak tool on its secret network, while the Pentagon lags in activating a similar tool on its classified network.

Until now, the International Security Assistance Force, the alliance command in Afghanistan, has had no way of detecting the unauthorized downloading, copying or transmitting of files, according to NATO.

“There is a known lack of information about the data being transferred across and out the ISAF Secret Network from individual systems via removable storage media and through network boundaries,” states a notice about a forthcoming contract award.

NATO intends to launch a McAfee system that can block data sharing through emails, blogs, various segments of the network, as well CDs, thumb drives and other storage devices, McAfee officials said.

The Defense Department has a McAfee product with the same capabilities, but the U.S. military uses it only for monitoring removable drives. The tools for tracking other data transfers essentially lay dormant, McAfee officials explained.

“In this case, NATO is ahead of the U.S. government,” said Tom Conway, McAfee's director of federal business development. NATO’s technology will be able to, for example, identify that a document is for American troops’ eyes only and then block foreign soldiers from opening the file, he said.

The 2009 transfer of thousands of classified materials associated with the Iraq and Afghanistan wars to anti-secrets website WikiLeaks has spurred attempts to conduct employee surveillance governmentwide. It also has sparked a controversy that landed the alleged leaker Pfc. Bradley Manning in jail, perhaps for life, and encouraged his open government supporters to hack other government databases.

“Three years after WikiLeaks hit the press, I would argue they are not much further than they were three years ago,” in preventing unauthorized disclosures, Conway said.

He said one reason America is behind NATO in leak-protection likely is that the surface area of the Pentagon’s network -- up to 5 million devices -- is much larger than the ISAF network -- only 10,000 machines.

NATO expects in December to hire consultants for training alliance technologists on how to operate the McAfee software, the advance solicitation notice states. The Pentagon has spent about $200 million during the past three years for assistance from Northrop Grumman Corp. and McAfee.

As evidenced by NATO seeking expertise for its experts, the McAfee software is difficult to master, Conway said. In the U.S. government, “it’s tough budgetary times and frankly these tools can be rather complex to implement,” he said. The U.S. military is “trying to get the best bang for the buck.” Manning stands accused of capturing files from Defense’s Secret network on a CD -- an offense the Pentagon version of the tool can detect.

During the first half of 2013, consultants will be stationed at NATO’s cybersecurity technical center in Belgium to produce strategies and designs for installation, alliance officials said.

Northrop Grumman spokeswoman Marynoele Benson said her company is reviewing the preliminary request for proposals. “We are currently considering this opportunity and look forward to reviewing the final RFP,” she said.

Defense officials on Thursday said they believe their system still is an important piece of the department’s overall data security strategy that can track and resolve illicit activity, without disrupting information flow.

The tool “minimizes unauthorized attempts to gain access to DoD systems with a long list of proven successes,” Pentagon spokesman Lt. Col. Damien Pickart said. “Tactics and training continue to be a focus area to ensure we are getting the maximum benefits from the technology.”

He added the U.S. military currently is evaluating other products that could work in conjunction with the existing detection system “and improve the overall endpoint security coverage.”

NATO has had its own run-ins with hacker activists. In July 2011, the LulzSec hacktivist collective claimed to have stolen classified data from NATO networks but said it would be irresponsible to release the information. The alliance, however, did confirm a month earlier that probable intruders compromised a public NATO site that sells e-books.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.


When you download a report, your information may be shared with the underwriters of that document.