Who Needs to Internet Hack a Secured Computer if the Hired Hands can Walk Out With Thumb Drives Every Night?

They expressed astonishment that Mr. Martin managed to take home such a vast collection of classified material over at least 16 years, undetected by security officers at his workplaces, including the N.S.A., the Office of the Director of National Intelligence and Pentagon offices.

I could understand a contractor coming in for a specific project requiring a specialist.

One of my remaining Friday morning group of friends, George, was the electronics/room environment/controls specialist at IBM’s huge Austin facility until he retired at 58. Since then, he has done month long projects for other folks, including Chinese companies, finding glitches and spikes, hunting down and changing out motherboards with heating problems, measuring the cooling necessary in an enclosed area, imposing clean standards in a room, but also rewriting control software code and substituting parts that gives him access to secret or proprietary stuff. George often faces days of security checks on his work that slow him down, as one result, but allay his employer’s fears, as another.

Of course I am sure NSA has in-house employed engineers for the job of keeping the control systems operational and up to date, but I am sure there would be a need for specialists from time-to-time.

I draw a distinction between that use of short term one-off specialists and Martin having so many years of continuing access. That’s crazy.

Working at NSA should come with weekly polygraph tests and federal courthouse level searches every morning and every night, at least. Whatever they are doing to secure against physical theft by thumb drive, it isn’t working.

8 Responses

  1. Frist.

    They are not yet sure Martin put the secrets out for sale. How ironic it would be if Martin were actually a patriot, trying to prove his mettle by improving code, who was then hacked. Misuse of government property is better for him than would be espionage, but wouldn’t be any better for the country, really, which must address the continuing breaches of national security secret data.

    Like

  2. It’s only going to get worse. Digital data is easily duplicable, and long term horizons make even heavy-duty encryption no real long-term protection, as it will only take a decade for unbreakable encryption to become trivial (for a dedicated organization) to break just using brute force attacks.

    Thumb drives can be disguised, and de-thumbed. The connector (typically USB) that makes them recognizable can be detachable, or a cable to plugs into an invisible port on a watch, or in a shoe heel. We will see memory substrates made of ceramics and plastics, and technology where the challenge is getting the recording mechanism in, but afterwards getting data out will be trivial: terabytes of data could potentially be invisible etched into your eye glasses or in the plastic of an ID badge or in special fibers in clothes or a tie.

    Then there’s expectations of security. Systems have been developed to record laptop screens from another room based on nothing but the radiant energy being used to draw the screen. Then all the hacks for WiFi and BlueTooth, making them appear off and silent, except to the software being used to monitor or transfer data. The file formats data can be hidden inside, as well: watermarks in images, waveforms in MP3s.

    Not to mention what can be done with updated traditional spycraft, using lasers to turn any window and potentially walls into microphones. You don’t have to bug an office, just shoot a laser at the right window from almost any distance with a clear line of site.

    Using the electrical wiring of an installation to transmit data or access a network from a less secure location. The flexibility of digital data makes security a lot more difficult!

    The breaches will be unending.

    Like

  3. The post 9/11 security apparatus is unmanageable. Nothing will be done to fix this.

    “The top-secret world the government created in response to the terrorist attacks of Sept. 11, 2001, has become so large, so unwieldy and so secretive that no one knows how much money it costs, how many people it employs, how many programs exist within it or exactly how many agencies do the same work.”

    http://projects.washingtonpost.com/top-secret-america/articles/a-hidden-world-growing-beyond-control/

    Like

  4. The NSA has tons of contractors. I joke that half my neighbors work either directly or indirectly for NSA. I just don’t know which half. Technically, no electronic media whatsoever, thumb drives, CD-ROMs, coll phones, two-way pagers, etc. are allowed anywhere on NSA property. All visitors and contractors have to go through metal detectors set higher than airport security. I imagine full time employees are checked a lot less frequently and could sneak small devices in and out with impunity.

    My problem is that everytime a Snowden or this guy or some other contractor breaches security they lock a lot of barn doors behind them making it tougher on everybody. I cannot say how or why I know anything about NSA security. Just be reminded that for a super top secret place, it has its own well-marked highway exits.

    A person I know who openly admits to working for a TLA says the polygraphs no longer bother him. They are psychological placebos designed to get people to confess and are useless at actually determining truthfulness. Once you recognize how to respond to the questioner, there is no point in being hooked to the device.

    Like

Be kind, show respect, and all will be right with the world.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: