Digital files on presidential helicopter found in Iran

Computer documents showing an upgrade for one of the Marine helicopters used by President Obama were discovered on a file server in Iran on Feb. 25.

Tiversa Inc., a Pennsylvania company that scans file-sharing networks for government and corporate clients, first discovered the plans for the VH-60N Marine One presidential helicopter on peer-to-peer networks in the fall of 2008, said Keith Tagliaferri, operations director at Tiversa. Computer users use peer-to-peer networks such as LimeWire mostly to share electronic music files, but by allowing users to download songs stored on a computer, other files also can be accessed.

When it first discovered the leak in 2008, Tiversa informed the contractor that was the source of the security breach and told the Defense Department that the files had been stolen. Tiversa discovered the same documents for Marine One on a file server in Tehran on Feb. 25 and again notified the contactor as well as the Pentagon and the White House.

Tagliaferri declined to identify the contractor that was the source of the leaked documents. But according to a video clip from Fox News Channel 11 in Pittsburgh, which broke the story on Feb. 28, the files came from the VH-60N cockpit upgrade program, a contract that the Naval Air Systems Command awarded to Rockwell Collins in March 2004.

"The Navy is aware of media reports of a possible security breach of the Marine One helicopter program," said Lt. Clay Doss, a Navy spokesman. "We are looking into the matter but have no additional details to discuss."

The Fox affiliate reported the VH-60N files included information on the helicopter's missile warning and missile countermeasure systems. The documents were stolen because an employee likely downloaded a peer-to-peer program onto his or her computer, which also contained the Marine One files documents. That exposed all the files on the computer to anyone on the file sharing network.

Tagliaferri said the contractor that inadvertently leaked the files is based in Bethesda, Md. Lockheed Martin, which is based in Bethesda, is developing a new presidential helicopter, called the VH-71. But Lockheed spokesman Troy Scully said, "We have been contacted by a representative of Tiversa, who told us that Lockheed Martin is not the source of the reported information breach, nor does it involve the VH-71 program."

Stratford, Conn-based Sikorsky, the prime contractor for the VH-60N, is conducting an investigation into the data leak but had no comment, said Paul Jackson, a company spokesman. Rockwell Collins, based in Cedar Rapids, Iowa, is looking into the VH-60N data leak, but declined to provide details, said Pam Tvrdy, a Rockwell spokeswoman.

The federal government has suffered numerous breaches because of peer-to-peer programs. In June 2008, the health records and Social Security numbers of at least 1,000 patients from Walter Reed Army Medical Center were compromised. Congress held hearings on the problem, including one in July 2007, when the House Committee on Oversight and Government Reformlearned that military files, including classified documents, were readily available for download on popular peer-to-peer networks.

In February, a Dartmouth College researcher reported he had discovered tens of thousands of medical files containing names, addresses and Social Security numbers for patients seeking treatment for conditions ranging from AIDS to mental health problems exposed on peer-to-peer networks.

Since 2005, the Navy has forbidden unauthorized use of peer-to-peer clients. The result can be significant vulnerabilities to Navy systems, the policy says, "including unauthorized access to information, compromise of network configurations and denial of service [attacks]." The ban applies to uniformed and civilian personnel, and contractors.

"We look at 100,000 files a day," Tagliaferri said, and the company routinely finds documents more sensitive than the blueprints for the upgrade to Marine One. The more sensitive ones "pose threats to national security," he said.