Wednesday 1 December 2010

Wikileaks: How our Government IT Failed Us | ZDNet

Wikileaks: How our Government IT Failed Us

By Jason Perlow | December 1, 2010, 10:19am PST

Summary

It wasn’t an insecure SIPRNet that created the “perfect storm” that allowed Private Bradley Manning to dump the State Department cables to Wikileaks. It was the failure of our government to apply standard IT practices in a theater of war.

Blogger Info

Jason Perlow

Biography

Jason Perlow

Jason Perlow
Jason Perlow is a technologist with over two decades of experience with integrating large heterogeneous multi-vendor computing environments in Fortune 500 companies. A long-time computer enthusiast starting the age of 13 with his first Apple ][ personal computer, he began his freelance writing career starting at ZD Sm@rt Reseller in 1996 and has since authored numerous guest columns for ZDNet Enterprise and Ziff-Davis Internet. Jason was previously Senior Technology Editor for Linux Magazine, where he wrote about Open Source issues from 1999 to 2008.

In his spare time, Jason is an avid amateur chef and food writer, where his work reviewing New Jersey restaurants has appeared in The New York Times. He is also the founder of the popular food web site eGullet and blogs about restaurants and cooking at OffTheBroiler.com.

Scott Raymond

Biography

Scott Raymond

Scott Raymond
Scott Raymond has been a technologist and system administrator for over 20 years. Starting as a hobbyist in his teens, Scott quickly learned that he could translate his passion and knowledge into a full-time career. He currently works as the lead systems administrator for a neuroscience marketing company. He has written technology articles for various publications in the past and began contributing to ZDnet as a guest blogger on Jason Perlow’s Tech Broiler. Scott and Jason met in New York in the 1990s where they co-managed the New York City Palm Pilot Users’ Group with Scott’s wife Rachel.

In his spare time, Scott is a trained chef and avid bicycling enthusiast, as well as a voracious reader of historical, science and horror fiction. He is a huge fan of pop culture, with a wide range of interest in TV shows, movies and games.

Violet Blue

Biography

Violet Blue

Violet Blue
Violet Blue (tinynibbles.com, @violetblue) is a Forbes Web Celeb, SF Appeal contributor, a high-profile tech personality and one of Wired's Faces of Innovation. She is regarded as the foremost expert in the field of sex and technology, a sex-positive pundit in mainstream media (MacLife, Forbes.com, The Oprah Winfrey Show, others) and is regularly interviewed, quoted and featured prominently by major media outlets (from ABC News to the Wall Street Journal). A published feature writer and columnist, Violet also has many award-winning, best-selling books; her books are featured on Oprah's website. She was the notorious sex columnist for the San Francisco Chronicle. She headlines at conferences ranging from ETech, LeWeb and SXSW: Interactive, to Google Tech Talks at Google, Inc. The London Times named Blue one of the 40 bloggers who really count.

It wasn’t an insecure SIPRNet that created the “perfect storm” that allowed Private Bradley Manning to dump the State Department cables to Wikileaks. It was the failure of our government to apply standard IT practices in a theater of war.

This week, a lot of folks in the IT security community are scratching their heads. At the State department and at the armed forces, IT heads are likely rolling over the dump of over 250,000 secret US embassy cables to Wikileaks, which has shared this material with multiple media outlets.

Political and diplomatic ramifications of this data dump aside, many questions remain as to how it was even possible that confidential, secret State Department data from one of our most secure government networks, the SIPRNet, or Secret Internet Protocol Router Network, was even able to be leaked by a US Army intelligence analyst, Private First Class Bradley Manning, who was deployed at a field operations center in Iraq.

Conventional wisdom would seem to indicate that if Manning was so easily able to dump data off of this network, then maybe our defense networks aren’t secure after all. But it’s not that simple.

As it turns out, as it is most frequently deployed, SIPRNet (as well as JWICS) is an extremely secure environment which would have prevented offloading of data of any kind from an endpoint terminal or workstation, because one of the most common configurations uses thin-client terminals which have their USB ports disabled and contain no hard drives or even an optical storage device.

Also Read: The Battlefield Beyond Bad Flash Drives (ZDNet Government)

This purchase record from 2008, for example, from the Department of the Army for the US National Guard is indicative of a typical SIPRNet configuration, using HP T5735 smart terminals which run on Linux and use encrypted Citrix ICA sessions to a terminal server which present a virtualized SIPRNet desktop to the end-user. This is implemented using a software solution called Nettop 2, which is sold by Trusted Computer Solutions, which recently became a division of Raytheon.

The systems architecture of NetTop 2 is flexible (see embedded PDF presentation) in that it you can use any number of endpoint terminal types, including PCs, so that different sessions can be established to different virtual desktops and the end-user can have access to a mix of unclassified, semi-classified and classified material from multiple networks, such as the SIPRNet-connected intranet in which the State Department cables that Manning accessed were stored.

However, it is designed so that it is impossible for a NetTop2 user to copy or transfer data from that SIPRNet or JWICS virtual desktop session — no data transfer or cross-domain copying is allowed between access levels whatsoever.

Page 2: [What really went wrong]  »

Page 1 of 2

Jason Perlow is a technologist with over two decades of experience integrating large heterogeneous multi-vendor computing environments in Fortune 500 companies.

Disclosure

Jason Perlow

My Full-Time Employer is IBM. I write as a freelancer for ZDNet.

Disclaimer: The postings and opinions on this blog are my own and don't necessarily represent IBM's positions, strategies or opinions.

I own no investments or direct financial instruments in the companies I write about.

Biography

Jason Perlow

Jason Perlow is a technologist with over two decades of experience with integrating large heterogeneous multi-vendor computing environments in Fortune 500 companies. A long-time computer enthusiast starting the age of 13 with his first Apple ][ personal computer, he began his freelance writing career starting at ZD Sm@rt Reseller in 1996 and has since authored numerous guest columns for ZDNet Enterprise and Ziff-Davis Internet. Jason was previously Senior Technology Editor for Linux Magazine, where he wrote about Open Source issues from 1999 to 2008.

In his spare time, Jason is an avid amateur chef and food writer, where his work reviewing New Jersey restaurants has appeared in The New York Times. He is also the founder of the popular food web site eGullet and blogs about restaurants and cooking at OffTheBroiler.com.

Talkback Most Recent of 14 Talkback(s)

  • The news wasn't the leaks, it is the weaknesses
    in the cyber security of the DOD. You know damn well that some IT heads are rolling.
    ZDNet Gravatar
    Snooki_smoosh_smoosh
    12/01/2010 11:05 AM

  • I dont think that the goverment failed
    But there was maybe a sense of invulnerability at the DOD maybe that '' Guy's out system are concrete no one can hack us ....But they never tought that a 22 years old private would screw them .....

    Anyways 5 years ago someone would have say ..... guy one of these day will get screwed by a 22 years old private . the answer would have been '---- hey dumb @ss slow down on the coffee your getting paranoid .''

    I really doubt that anybody would have think or imagine a inside job.....Ever .

    So in a sense the government didnt failed the system did there a difference.

    And before some of you start screaming Obama failed you .... Did Obama name private Manning there NO
    Did Obama is a IT genius NO
    DID Obama relax the security will never know.

    In the end who could have predicted a inside job ( no one )

    Buy after that there will be full body search for IT guy at the DOD i hope they will but a nice broad for the search and not some 400 pound destroyer with 1 % body fat --- with a huge german accent Come here I will search you ... (sound of bone breaking screaming in the background) dont be a wuss its only a your spin you dont need it anyways. you sit on your fat ass all day .....

    ZDNet Gravatar
    Quebec-french
    (Edited: 12/01/2010 11:34 AM)

  • Sorry, Wrong Title
    It should be HOW OUR GOVERNMENT FAILED US.

    It's been doing that for years...Gulf of Tonkin anyone?

    This guy and Assange are preventing another mess that could cost thousands of servicemen and women's lives for the sake of big money.

    ZDNet Gravatar
    cyberslammer2
    12/01/2010 11:53 AM

  • Keep telling yourself that
    @cyberslammer2, maybe you'll believe it.
    Though I'm going to take a guess that you advocate pirating music and software as actually helping the artist and developers.

    Next you'll be stealing computers claiming "it's for the safety of the children".

    ZDNet Gravatar
    John Zern
    12/01/2010 12:11 PM
  • Mushroom?
    @John Zern

    You must like to sit in the dark and be fed BS. That is also how your government likes it.

    Questioning minds bother those in power. Clearly yours does not.

    ZDNet Gravatar
    Economister
    12/01/2010 12:36 PM
  • RE: Wikileaks: How our Government IT Failed Us
    @Economister Maybe if you quantified having a mind the size of an acorn...which John Zern has.

    He's probably one of those cowards who thinks that patting down an 80-year old and feeling up kids in the airport is acceptable in the name of security.

    Stalin and Hitler would have been proud of you.

    ZDNet Gravatar
    cyberslammer2
    12/01/2010 01:04 PM
  • RE: Wikileaks: How our Government IT Failed Us
    @John Zern Actually I do support pirating music as long as the artist supports it...try looking up Trent Reznor and see how he feels about it.

    Software piracy, no I'm not for it.

    So you're WRONG on both accounts.

    How's my burger coming?

    ZDNet Gravatar
    cyberslammer2
    12/01/2010 01:06 PM
  • Can't something be done about Jason Purlow
    Here he is discussing the configuration of terminals used for SIPRnet. I hope our enemies aren't listening.
    I'm just asking the question; why is he still breathing? Why haven't our intelligence services hunted him down like Al Queda?
    Of course everything he released is readily available and a surprise to no one. But that doesn't excuse the fact that he is talking about confidential information systems.
    ETC.
    (Please note, the above is satire)
    ZDNet Gravatar
    HollywoodDog
    12/01/2010 11:54 AM

  • ZDNet Blogger

    RE: Wikileaks: How our Government IT Failed Us
    @HollywoodDog I got all the information with simple Google searches and the vendor, Trusted Computer Solutions, was more than happy to talk to me about their product and provide me with that video. It's not like I'm disclosing information that was handed to me that was confidential.
    ZDNet Gravatar
    jperlow
    12/01/2010 11:59 AM
  • That's OK Jason
    HollywoodDog's been writing all week how it's great Assange exposed all these secret cables, informant names, and plans to everyone, so he'll come around and start calling you a "hero" in a day or two. wink
    ZDNet Gravatar
    John Zern
    12/01/2010 12:13 PM
  • As I said, I was purely satirizing the hysteria
    @jperlow You're a journalist, you're not authorized to have classified data (as far as I know), which means if someone gives it to you and you publish it, you're no more doing anything illegal than when Bob Woodward writes a book, full of previously classified information given to him by his sources.

    The defense department has already admitted there's no evidence of anyone being harmed by the leaks (and no doubt they did try to find evidence). It's a standard lie.

    There are mountains of evidence that policies and actions cooked up in secrecy harm people - namely the mountains of dead people all around who got that way by the governments actions.

    One can forgive calling the leak a "failure" if one only looks at it from an IT security point of view.

    The 'zeroth law' that one must protect humanity in general would lead to the inescapable conclusion that secrecy makes good people do bad things, and bad people do evil things, so therefore leaking it and making evil people less able to do evil is good.

    This concept is probably beyond the comprehension of most talkback posters.

    ZDNet Gravatar
    HollywoodDog
    12/01/2010 01:02 PM
  • Well Its bad because the next guy may be worst than assange
    @HollywoodDog

    Assange must have a few friend who are heavy weight champion of the f..kup and a very well defended title .

    So killing Assange could be a bad thing because the next one could be worst way worst .

    ZDNet Gravatar
    Quebec-french
    12/01/2010 12:16 PM
  • RE: Wikileaks: How our Government IT Failed Us
    According to this piece, Pvt. Bradley Manning -- the individual that dumped the documents that we know as the WikiLeaks -- is "mentally unstable." Assuming that is correct and that the author didn't make that up -- namely, that it is an official government/Army assessment, just what does that say about the security procedures that allowed Pvt. Manny open copyable access to these documents and information? Right. No good.
    ZDNet Gravatar
    rttedrow@...
    12/01/2010 01:21 PM

  • No, he's a perfectly mentally stable unemployed pizza deliverer
    @rttedrow@... who is in charge of classified government computer systems and operates them while lip-synching to Lady Gaga, for $1,200 a month. Perfectly reasonable to give him the keys to the kingdom, and let him transport rewritable media out of the lab.
    ZDNet Gravatar
    HollywoodDog
    12/01/2010 01:26 PM

Talkback - Tell Us What You Think

Posted via email from projectbrainsaver