NATO seeks technology to stem leaks from secret Afghanistan network

Flags fly at NATO headquarters in Brussels.

Flags fly at NATO headquarters in Brussels. Virginia Mayo/AP

U.S. military has yet to activate same tools.

The NATO force that fights Afghan insurgents is installing an anti-leak tool on its secret network, while the Pentagon lags in activating a similar tool on its classified network.

Until now, the International Security Assistance Force, the alliance command in Afghanistan, has had no way of detecting the unauthorized downloading, copying or transmitting of files, according to NATO.

“There is a known lack of information about the data being transferred across and out the ISAF Secret Network from individual systems via removable storage media and through network boundaries,” states a notice about a forthcoming contract award.

NATO intends to launch a McAfee system that can block data sharing through emails, blogs, various segments of the network, as well CDs, thumb drives and other storage devices, McAfee officials said.

The Defense Department has a McAfee product with the same capabilities, but the U.S. military uses it only for monitoring removable drives. The tools for tracking other data transfers essentially lay dormant, McAfee officials explained.

“In this case, NATO is ahead of the U.S. government,” said Tom Conway, McAfee's director of federal business development. NATO’s technology will be able to, for example, identify that a document is for American troops’ eyes only and then block foreign soldiers from opening the file, he said.

The 2009 transfer of thousands of classified materials associated with the Iraq and Afghanistan wars to anti-secrets website WikiLeaks has spurred attempts to conduct employee surveillance governmentwide. It also has sparked a controversy that landed the alleged leaker Pfc. Bradley Manning in jail, perhaps for life, and encouraged his open government supporters to hack other government databases.

“Three years after WikiLeaks hit the press, I would argue they are not much further than they were three years ago,” in preventing unauthorized disclosures, Conway said.

He said one reason America is behind NATO in leak-protection likely is that the surface area of the Pentagon’s network -- up to 5 million devices -- is much larger than the ISAF network -- only 10,000 machines.

NATO expects in December to hire consultants for training alliance technologists on how to operate the McAfee software, the advance solicitation notice states. The Pentagon has spent about $200 million during the past three years for assistance from Northrop Grumman Corp. and McAfee.

As evidenced by NATO seeking expertise for its experts, the McAfee software is difficult to master, Conway said. In the U.S. government, “it’s tough budgetary times and frankly these tools can be rather complex to implement,” he said. The U.S. military is “trying to get the best bang for the buck.” Manning stands accused of capturing files from Defense’s Secret network on a CD -- an offense the Pentagon version of the tool can detect.

During the first half of 2013, consultants will be stationed at NATO’s cybersecurity technical center in Belgium to produce strategies and designs for installation, alliance officials said.

Northrop Grumman spokeswoman Marynoele Benson said her company is reviewing the preliminary request for proposals. “We are currently considering this opportunity and look forward to reviewing the final RFP,” she said.

Defense officials on Thursday said they believe their system still is an important piece of the department’s overall data security strategy that can track and resolve illicit activity, without disrupting information flow.

The tool “minimizes unauthorized attempts to gain access to DoD systems with a long list of proven successes,” Pentagon spokesman Lt. Col. Damien Pickart said. “Tactics and training continue to be a focus area to ensure we are getting the maximum benefits from the technology.”

He added the U.S. military currently is evaluating other products that could work in conjunction with the existing detection system “and improve the overall endpoint security coverage.”

NATO has had its own run-ins with hacker activists. In July 2011, the LulzSec hacktivist collective claimed to have stolen classified data from NATO networks but said it would be irresponsible to release the information. The alliance, however, did confirm a month earlier that probable intruders compromised a public NATO site that sells e-books.