Our Full-Service B2B Marketing Program Delivers Sales-Ready E-Commerce Leads » Learn More
Welcome Guest | Sign In
ECommerceTimes.com
Digital River - Talk to the Experts

Military Secrets Discovered on Unprotected Web Sites

By Erika Morphy TechNewsWorld ECT News Network
Jul 12, 2007 2:21 PM PT

Dozens of documents containing classified information that could affect the safety of U.S. troops in Iraq and Afghanistan have been posted on unprotected servers by military agencies and related companies, according to a survey by the Associated Press.

Military Secrets Discovered on Unprotected Web Sites

The AP, abetted by work done by Christopher Freeman, a Greensboro, N.C, resident who has been tracking this practice, downloaded several documents containing classified information that had been stored on FTP (file transfer protocol) servers.

Wealth of Information

These included the following, according to the AP:

  • Several documents on a contractor's server detailed a project to expand the fuel infrastructure at Bagram Air Base in Afghanistan, including a map of the entry point to be used by fuel trucks and the location of pump houses and fuel tanks.
  • A document from the Army Corps of Engineers that contains 61 pages of photos, graphics and charts that map out the security features at Tallil Air Base in southeastern Iraq. It also depicts proposed upgrades to the facility's perimeter fencing.
  • Aerial surveys of military airfields near Balad and Al Asad, Iraq, on the National Geospatial-Intelligence Agency server.
  • Detailed maps of buildings and infrastructure at Fort Sill, Okla., were posted on Benham Companies site.
  • Material from Los Alamos National Laboratory and Sandia National Laboratories.

Most of the agencies shut down the servers in question when contacted by the AP.

Not Surprising

It is not a surprising development.

What most likely happened, speculated Paul Moriarty, director of Internet content security for Trend Micro, is that someone needed to share large data files and they were too big to e-mail. "So they used the FTP protocol," he told TechNewsWorld. Setting it up so it requires password protection can be tricky, but opening up for anonymous access, he said, is relatively simple.

"Maybe the person intended to take it down later but forgot," Moriarty added.

Workers tend to take shortcuts that make their jobs easier, he also observed. "That is human nature. What they don't realize is that there are hackers out there that are continually running scanners looking for open FTP sites."

Over the Hump

Secure computing habits or practices do not seem to improve even as government agencies and companies become more sophisticated in their use of computers, Roger Thompson, CTO of Exploit Prevention Labs told TechNewsWorld.

"The number of users that keep increasing is one problem," he noted. "Another problem is that computers have become so much a part of the business environment it is almost impossible to make rules for every action or scenario."

Common sense does not always fill the gap, he added.

Out of Sight, Out of Mind

Also, end users, unless they are directly involved in IT security, do not tend to really believe the worst projections by security analysts unless they can actually see the impact first hand, David Perry, global director of education for Trend Micro, told TechNewsWorld.

"The threats they believe in are the ones they can see -- the damage that spam can cause for instance," he said, pointing to a recent study by the company found that corporate users are more concerned with spam levels than Web threats, despite spam's decline (84 percent in 2005 and 72 percent in 2007) and a 540 percent increase in Web threats, likely due to the silent and invisible nature of new infections.

Yet employees take the security precautions about spam more seriously.

"But try telling them about need for firewall or keeping information off of unsecure severs, and they dismiss the warnings," Perry said.


Digital River - Talk to the Experts
What do you think about artificial intelligence systems that can outperform humans?
They are revolutionary tools for solving problems facing humanity.
They won't change the world, but they have many practical, beneficial applications.
There's a danger that humans will lose control of AI and there will be grave consequences.
Some of their so-called big accomplishments, such as beating humans at games, are trivial and overhyped.
AI is one more reason to consider living completely off the grid.
Contact Center AI Explained by Pop Culture