History - Lessons Unlearned? - Part one

Back in June 2015, the US Office of Personnel Management was hacked by a Chinese national, who managed to make off with pretty much all of the personal information of everyone who has a security clearance, including the big long nasty form where you tell them every little thing that makes you blackmailable, as part of your security clearance application. Oh, and fingerprints, too.

You can read all about it on Wikipedia - https://en.wikipedia.org/wiki/Office_of_Personnel_Management_data_breach

In the summer of 2016, a group called The Shadow Brokers published several leaks containing hacking tools from the National Security Agency (NSA). These tools targeted firewalls, antivirus software, and Microsoft products.

You can read all about it on Wikipedia - https://en.wikipedia.org/wiki/The_Shadow_Brokers

I’m no expert, but my reading of history informs me that in the 1970s, in response to the need to have a computer safely process data that was “secret” and “top secret” at the same time, Multilevel Security was invented, and through the decade, pretty much perfected. It strikes me as very odd that things aren’t more secure, as the technology exists, if you can afford it, to keep things secure.

Data diodes are devices which are designed to only allow data flow in one direction. They work, and have been around for decades. It is physically impossible to get data transfer the wrong way through these things, not because of clever programming, but because the inbound link only has a fiber optic input, and is incapable of transmitting data outbound.
You can read about data diodes on Wikipedia - https://en.wikipedia.org/wiki/Unidirectional_network
Once upon a time, I got to see how work happens in classified environments during an open house... people actually work in big vaults.  Computers which contain important secrets being worked on aren’t connected to the internet. Colloquially, these machines are said to be air-gapped.  Now there are attacks which can leak data out of these networks, but the good ones require physically breaching the network, not remote hacking.

You can read about air-gaps on Wikipedia - https://en.wikipedia.org/wiki/Air_gap_(networking)

Put air-gaps and data diodes together, and you can build a system which can take data, even over the internet, and get it into an air-gapped network, and never let it back out. Why was this not done? It boggles my mind. I’m ok with our secrets being collected, and stored in a central location, with physically secure, redundant backups.

Now a pile of secrets which can’t be accessed from the outside is useless.... there needs to be a controlled means of egress, something that humans can understand, and thus manage intelligently, with little cognitive load. I propose a simple way of doing this. Build a system wherein a personnel record can be requested from the real world, and the request makes its way via a data diode into the secure environment. The request is reviewed, approved, and filled by a human using a computer, and then the requested records are written to a single-use, 1.44 MB floppy diskette. The operator then hands this diskette off to a different operator, who records the transaction and sends the information off via the internet. The used diskettes are then sent to a third person who stores them in a vault, should any back-checking of access, or auditing, be required.
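As an added illustration (not the post's own code), here is a small Python model of the egress workflow proposed above: the enclave-side data diode has no outbound path at all, the diskette object is single-use, and the approver, transmitter and archivist must be three different people, with one audit entry per step. All names, request ids and record fields are constructed for the example.

```python
from dataclasses import dataclass, field

@dataclass
class DataDiode:
    """Inbound-only link into the enclave; deliberately has no outbound method."""
    queue: list = field(default_factory=list)
    def receive_from_outside(self, request: dict) -> None:
        self.queue.append(request)

@dataclass
class Diskette:
    """Single-use medium: written once inside the enclave, read once on the way out."""
    payload: dict = None
    written: bool = False
    read: bool = False
    def write(self, payload: dict) -> None:
        if self.written:
            raise RuntimeError("diskette is single-use")
        self.payload, self.written = payload, True
    def read_once(self) -> dict:
        if not self.written or self.read:
            raise RuntimeError("diskette never written or already read")
        self.read = True
        return self.payload

def roles_are_separated(*operators: str) -> bool:
    # Separation of duties: no operator may hold two of the three roles.
    return len(set(operators)) == len(operators)

def process_request(records, diode, approver, transmitter, archivist, audit, vault):
    """Approve/fill -> hand off -> transmit -> archive, one audit entry per step."""
    if not roles_are_separated(approver, transmitter, archivist):
        raise ValueError("approver, transmitter and archivist must be different people")
    request = diode.queue.pop(0)            # the only way data enters the enclave
    rid = request["id"]
    disk = Diskette()
    disk.write({"id": rid, "record": records[request["subject"]]})
    audit.append(("approved_and_filled", approver, rid))
    outbound = disk.read_once()             # transmitter reads the handed-off diskette
    audit.append(("transmitted", transmitter, rid))
    vault.append(disk)                      # spent diskette retained for back-checking
    audit.append(("archived", archivist, rid))
    return outbound

def run_demo():
    records = {"jane.doe": {"clearance": "TS", "form": "SF-86 (constructed)"}}  # sample data
    diode, audit, vault = DataDiode(), [], []
    diode.receive_from_outside({"id": "REQ-1", "subject": "jane.doe"})
    outbound = process_request(records, diode, "alice", "bob", "carol", audit, vault)
    return outbound, audit, vault
```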

I’m out of time.... more later.
Mike Warot - May 15, 2018