Information Warfare: Plowing Through The Porn


January 8, 2008: The Swedish Defense Ministry got an intel scare recently when an officer put some classified documents on a USB memory stick, inserted said device into a PC at an Internet Café, and then left without taking the device with him. A citizen discovered the stick, realized what was on it, and turned it over to a local newspaper, which it turn passed it on to the Defense Ministry. There, the counter-intelligence people had a fit.

Counter-intelligence officials, whose job it is to prevent secrets from being stolen, are not happy with memory sticks, which have basically replaced 3.5 inch floppy disk and rewritable CDs as the favored way of carrying around computer information. These devices are small, and easily misplaced, or stolen. In Afghanistan, and to a lesser extent Iraq, cleaning and maintenance staff, have a an annoying tendency to steal whatever they can get away with. For security reasons, many of the cleaning personnel in Iraq are imported non-Iraqis. These people are less likely to steal, not just because they have a harder time fencing the stuff, but because they can lose a good job, and be shipped home, if they get caught. In Afghanistan, hiring locals is less of a security risk, and there it has been discovered that memory sticks are very popular items to steal. Some of these devices are as small as a finger, and easy to conceal. Out on the street, some of them can bring five or ten bucks to the thief. That's real money in Afghanistan, where a good monthly salary is a hundred dollars.

The memory sticks generally hold between 512 megabytes (million bytes) to four gigabytes (billion bytes) of data. These items plug into most PCs and laptops, and instantly become another hard drive (as far as the computer is concerned.) Troops like them because they can quickly put all the data they need for a mission on a memory stick. The memory sticks are cheap, four gigabyte one versions can be had for under a hundred dollars, the smallest capacity ones for twenty bucks or less. The troops leave a lot of them lying about, and many of these get swept up by the friendly Afghan cleaning guys. When the purloined memory sticks show up in the market place, their contents, sometimes including classified data, are usually erased, to make way for the new users stuff. But, for a counter-intelligence officer, the vulnerability is obvious. The nightmare scenario is a journalist getting possession of one of these stolen memory sticks. The resulting story would feature as many damaging secrets as possible.

But it gets worse. As it turns out, these "Memory Sticks" fit nicely on the dog tag chain. Troops keep their email from home, digital pictures and all manner of stuff on these small devices. Some officers have tied to forbid the practice, as you are not supposed to take such documents with you into a combat zone (lest you be captured and the data prove useful to the enemy.) But the troops still carry the memory sticks around with them.

For official use, the military is beginning to issue encrypted (and more expensive) memory sticks. But there's still the growing risk of classified data getting on to an unencrypted device. Every new technology brings with it new risks, and this is a perfect example. But there are also opportunities, as the terrorists also like to schlep data around on memory sticks. It takes time to find the useful secrets, though, as you first have to plow through all the porn and MP3 files.




Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contribute. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   contribute   Close