Wednesday, April 1, 2009
Rotorcraft Report: Marine One: What Iran Knows
MILITARY | VIP
Don’t worry about foreign spies; worry about domestic incompetents. That’s what the White House must be thinking after classified documents about President Obama’s Marine One VH-3D helicopter fleet turned up on an Iranian Web site. This mind-boggling, apparently accidental breach of confidentiality was detected by Tiversa, an Internet security firm that regularly downloads posted files from the Web. Tiversa does this to detect information leaked from its clients, and to warn non-clients when their data has been released.
So how did blueprints, schematics and planned upgrades to the Marine One fleet end up in Iranian cyberspace? To find out, Rotor & Wing spoke with Tiversa Brand Director Scott Harrer in an exclusive interview.
Rotor & Wing: How precisely did your firm detect the leak?
Harrer: Last year, in 2008, one of our forensic analysts saw the file in the course of his daily work. Our forensic analysts review roughly 100,000 files a day on behalf of our customers and often we see a dolphin caught in the tuna net. Meaning that this information was unrelated to any of our customers, but still very sensitive in nature, and being disclosed to the file-sharing masses.
As part of our Duty of Care policy, we notified the defense contractor responsible for the breach as well as the government. Months went by and then we saw the same file reappear on February 25, 2009 on an IP address in Tehran, Iran.
The point is twofold; not only are these files out there, but people are actively searching for and finding this data.
Rotor & Wing: How do you know that the Marine One file ended up in Iran?
Harrer: Our technology enables us to see global activity in real-time on P2P [peer-to-peer] file-sharing networks. When files are detected, we are able to geolocate the disclosing source. Tiversa monitors roughly 450 million users, issuing 1.5 billion searches every day.
Rotor & Wing: What kind of information has been leaked? What’s the security risk?
Harrer: Blueprints, schematics and complete avionics package for the presidential helicopter, Marine One. The risk is that this information has been breached and is possessed by an individual harvesting other sensitive files. The other risk is that we have a situation where the defense contractor responsible knew months ago and has yet to close what has been an "open window." Who know what else they may have disclosed?
Rotor & Wing: Is this kind of leak common?
Harrer: Unfortunately, yes. It occurs much more often than people think. This is a problem that affects consumers with respect to identity theft, military and law enforcement with leaks such as Marine One, and corporations with breaches that occur in their extended enterprise [suppliers, partners, customers, remote employees]. We’ve seen hospitals leak tens of thousands of patient records [SSNs, names, diagnosis], classified documents and military troop movements, child psychiatric clinic notes [SSNs, names, mental illness, medical history...], and Fortune 500 companies inadvertently disclosing thousands of employee records [name, SSN, DOB, contact info].
Rotor & Wing: What risks could this pose to the security of Marine One?
Harrer: I would imagine many. At the very least, a file such as this exposes our country’s military capabilities and other details regarding how these helicopters operate and are built.
Writer’s note: With the VH-71 program now in doubt, the president is likely to be relying on the current fleet of VH-3D helicopters for years to come, security breach notwithstanding. —By James Careless