Blueprints of Obama's Marine One helicopter leaked on P2P

The blueprints for President Obama's helicopter, Marine One, were downloaded from a peer-to-peer (P2P) network and onto a computer in Tehran, Iran, a file-sharing monitoring company has revealed.

Robert Boback, CEO of P2P monitoring company Tiversa, which discovered the leak, told Monday that the downloaded file contains a detailed analysis of the anti-missile defense mechanisms used on Marine One.

“Clearly the security measures of Marine One are classified,” Boback said. “The only reason this document wasn't marked classified is because it was in draft format.”

The file also contains communications between the U.S. Department of Defense (DoD) and the Navy regarding the upgrade of the avionics and computer packages of Marine One, he said. Additionally, the file contains the general design of the helicopter and information on the wiring and the inner workings of its computer system.

The file was originally found by Tiversa in the fall of 2008. It was inadvertently leaked by a military defense contractor based in Bethesda, Md., Boback said. One of its employees' computer systems was running a file-sharing program linking the sensitive information about Marine One.

P2P networks most commonly are used for music sharing, but some people don't realize that once a P2P network is downloaded, it opens up a user's hard drive to others, he said.

“It depends on the [P2P] program, but most of the programs index all of the content on the user's hard drive,” Boback said.

When the documents were discovered in the fall of 2008, Tiversa worked with the DoD and the White House to get the file taken down and analyzed. But on Feb. 25, during regular monitoring, Tiversa discovered the same file being hosted by an Iranian IP address.

This means that someone in Iran downloaded the file off the P2P network while it was still available, and is now hosting it from their IP address in Iran, Boback said. Because Iran typically does not respect IP takedown notices, the file remains on the P2P network.

“Once it's in another jurisdiction, such as Iran, there's not much that we can do,” Boback said.

The White House did not respond immediately for comment.

Avivah Litan, distinguished analyst at Gartner, told Monday that P2P networks contain a vast amount of sensitive information -- corporate secrets, tax returns and personal data, for instance.

Litan said companies must take a multilayered approach to combat this threat.

Enterprises should block P2P software and traffic with more than just a firewall policy -- by using network-based intrusion prevention systems or secure web gateway products, she said. Additionally, companies should consider deploying data loss prevention technology or P2P monitoring, and, crucially, encrypting sensitive documents.

“Corporations think they've got it under control, but when people go home and plug in USB drives and work out of hotel rooms there's no control over what gets loaded on that hard drive,” Litan said. “If people aren't careful, their whole hard drive is exposed.”

In early February, Dartmouth College business professor Eric Johnson released a report that detailed the findings of a two-week study monitoring P2P networks for sensitive health-care documents. In all, researchers found hundreds of documents revealing sensitive information on tens of thousands of patients.