ANOTHER NSA LEAK has seen the contents of a hard drive with highly sensitive data get posted online, shedding light on a US Army intelligence project.
Chris Vickery, director of cybersecurity research firm UpGuard, found a virtual image of the hard disk left on an Amazon Web Services (AWS) server.
The image was unlisted but publicly accessible with no password needed to access the server.
“Critical data belonging to the United States Army Intelligence and Security Command (INSCOM), a joint US Army and National Security Agency (NSA) Defence Department command tasked with gathering intelligence for US military and political leaders, leaked onto the public internet, exposing internal data and virtual systems used for classified communications to anyone with an internet connection,” explained Dan O’Sullivan, cyber resilience analyst at UpGuard.
The data related to a joint project called Red Disk, which was designed to provide a cloud-based platform for sharing intelligence and reconnaissance data between the US Army and the NSA during the Afghan military operation.
The project has since been discontinued, with reports noting it crashed a lot and hindered solider operations leading to Red Disk never getting fully deployed.
The virtual disk contained data from a physical hard disk drive that was in a Linux-based server that formed part of the Red Disk system.
And the disk was separated into six partitions ranging from 1GB to 69GB in size with labels such as ‘Top Secret’ and ‘NOFORN’, the latter term labelling data so sensitive it’s not to be shrewd with foreign allies.
So it’s clear that the data on the disk was pretty damn sensitive to INSCOM, particularly as it gives a good look into how Red Disk worked, such as the intelligence data it pulled in, even though the project was ultimately a failure.
How the image was leaked is yet unknown, but it’s already known that NSA security over old data is pretty borked, especially as there have been a handful of security contractors that have followed Edward Snowden’s example and leaked confidential data.
“This cloud leak was entirely avoidable, the likely result of process errors within an IT environment that lacked the procedures needed to ensure something as impactful as a data repository containing classified information not be left publicly accessible,” highlighted O’Sullivan.
“In order to stop and shift away from the regular revelations of another exposed intelligence operation, federal stakeholders must begin to regain control of their systems, reducing their complexity by gaining full visibility into the complex workings of the government’s cyber presence.”
If we were spooks at the NSA right now, we’d be feeling a little embarrassed. But then again with a President like Donald Trump running his mouth on Twitter, the attention is likely to quickly be redirected to the White House and away from the US’ security services. µ
Source : Inquirer