Details on presidential motorcades, safe house for First Family, leak via P2P
Lawmakers eye bill to ban P2P use on government, contractor networks
Computerworld - Details about a U.S. Secret Service safe house for the First Family -- to be used in a national emergency -- were found to have leaked out on a LimeWire file-sharing network recently, members of the House Oversight and Government Reform Committee were told this morning.
Also unearthed on LimeWire networks in recent days were presidential motorcade routes and a sensitive but unclassified document listing details on every nuclear facility in the country, Robert Boback, CEO of Tiversa Inc. told committee members.
The disclosures prompted the chairman of the committee, Rep. Edolphus Towns, (D-N.Y.), to call for a ban on the use of peer-to-peer (P2P) software on all government and contractor computers and networks. "For our sensitive government information, the risk is simply too great to ignore," said Towns who plans to introduce a bill to enforce just such a P2P ban.
Tiversa is a Cranberry Township, Pa.-based provider of P2P monitoring services. In the past, it has served up dramatic examples of highly sensitive information found on file-sharing networks. In January for instance, the company disclosed how it had discovered sensitive details about the President's helicopter, Marine One, on an Iranian computer after a document leaked out over a P2P network.
Today's hearing continued in that vein, with Tiversa providing new sensational examples of leaked information. Boback showed off a document, apparently from a senior executive of a Fortune 500 company, listing every acquisition the company planned to make -- along with how much it was willing to pay. Also included in the document were still-private details about the company's financial performance. Boback also showed numerous documents listing Social Security numbers and other personal details on 24,000 patients at a health care system, as well as FBI files, including surveillance photos of an alleged Mafia hit man that were leaked while he was on trial. He demonstrated to members of the committee how pedophile predators troll file-sharing networks looking for images and data.
Speaking with Computerworld before the hearing, Boback said that all of the information was readily available on LimeWire's file-sharing network after apparently being leaked. The data on the nuclear sites was found on computers associated with four IP addresses in France, though it is not immediately clear where the data came from. The files containing information about the president and his family had Barack Obama's seal on it and a July date.
Though the information was not classified, it was sensitive enough that under normal circumstances it would not have been available even via a Freedom of Information Act request, he said.
This is the third time that the House Oversight committee has held a hearing on the topic of data leaks on P2P networks. The last hearing was two years ago and featured similar revelations from Tiversa and others.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts