Stealing really sensitive data? Just smuggle it out on a fake Lady Gaga CD
Stealing really sensitive data? Just smuggle it out on a fake Lady Gaga CD
NextGov.com says it's a rule of thumb that insiders pose the greatest threat to classified information systems - a rule sadly reinforced by Wikileaks’ public release of 91,000 classified documents stolen from the US Defense Department. By Bob Brewin. August 2010
The Defense Department has zeroed in on Private Bradley Manning, as the source of the documents Wikileaks released, because it already has him in custody for allegedly leaking other documents to Wikileaks this year.
While the Pentagon has been all over the news in its reaction to potential damage caused by this massive leak, it has been strangely silent on any new plans to counter insider threats -- or how, as the New York Times put it, a private was able to: "exploit a loophole in Defense Department security to copy thousands of files onto compact discs over a six-month period."
"In at least one instance, according to people familiar with the inquiry, Private Manning smuggled highly classified data out of his intelligence unit on a disc made to look like a music CD by Lady Gaga."
This may have something to do with the fact that in fiscal 2010, the Defense Information Systems Agency (DISA) budgeted a mere $814,000 for insider threat detection systems and asked for a $2.2 million budget for insider detection tools in fiscal 2011. That's out of an overall information systems security operations and maintenance budget request of $288.6 million.
Since insiders account for 75 percent of leaks, why does DISA allocate such a small amount of its budget to countering the biggest part of the information security problem?
http://whatsbrewin.nextgov.com/2010/08/what_about_countering_insider_threats.php