14 DAY TRIAL // The complete design specs of the presidential helicopter, called "Marine One," have been discovered by a security company on a peer-to-peer file-sharing network. The files have been leaked from a military contractor and were found to be hosted on a computer system located in Tehran.
Employees from P2P intelligence company Tiversa, headquartered near Pittsburgh, PA, have detected a serious breach affecting the security of President Barack Obama. "We found a file containing entire blueprints and avionics package for Marine One,which is the president's helicopter," Bob Boback, CEO of Tiversa, explained for WPXI.
Even though the file was discovered on a system with an IP based in Iran's capital city, company experts succeeded in tracking it back to its origin. According to Tiversa, the secret documents, which included "Marine One" schematics, upgrades and computer network information, were being shared from the computer of a Bethesda-based defense contractor.
"We found where this information came from. We know exactly what computer it came from. I'm sure that person is embarrassed and may even lose their job, but we know where it came from and we know where it went," Retired General Wesley Clark, currently working as an advisor for the security company, commented.
The likely explanation is that an employee installed a P2P program with default settings on a company system. Upon installation, many of these programs offer to or automatically share portions of the hard disk drive, which unfortunately also contained the sensitive file, in this case.
Mr. Clark also pointed out that the government agencies handling the president's security had been immediately notified upon the discovery of the breach, and they were actively working to mitigate any potential risks.
Unlike leaking data by misplacing storage devices such as USB sticks or external drives, there is little one can do to recover it once it's out on file-sharing networks. Because of this and due to the possible distribution of copyrighted materials, P2P applications are banned or strictly controlled in most companies, even though they also have legit uses.
This incident raises several questions as to why there have been no local system policies preventing the employee from installing such software, or why network-wide filters have not blocked peer-to-peer traffic.
In times when the Internet espionage is a common practice and entities in countries such as China, Russia, Pakistan, or North Korea are going to great lengths to compromise sensitive systems and extract confidential information, making it easily available on file-sharing networks is certainly not helping.