Army Eyes Monitoring Tools To Stop WikiLeaks Repeat

Published: 22/11/2024   Category: security




Keystroke monitoring may be just a start as Army seeks ways to sift through soldiers' website visits, search queries



The Army is looking for a few good tools to help it spot and block insider attacks.
Maj. Gen. Steven Smith, who heads the Army Cyber Directorate, said that putting such software in place is now one of his main priorities, the Army Times recently reported.
Such software would create benchmarks of normal behavior, then watch for any activity that looked abnormal. "So I'm on the South American desk, doing intelligence work, and all of a sudden I start going around to China, let's say," said Smith. "That might be an anomaly, it might be justified, but I would sure like to know that and let someone make a decision, almost at the speed of thought." He said his desired system would record downloads, Web search queries, and complete keystrokes.
Information security experts said that what the Army is proposing is likely possible. "We're verging on the capability of being able to handle, from a technological basis, that quantity of data," said Scott Crawford, managing research director for Enterprise Management Associates, via phone. "But can you really automate the process without being overwhelmed by false positives, or stumped by false negatives?"
The Army's search for new monitoring tools is part of a broader Pentagon push to help detect when any bad actors--domestic or foreign--are accessing military or government networks. But the impetus for this particular wave of improvements can be traced directly to Army private Bradley Manning, the former intelligence analyst who's accused of copying sensitive State Department cables and almost 500,000 battlefield reports from Afghanistan and Iraq onto a recordable CD, then releasing them to WikiLeaks. He's likewise accused of leaking U.S. helicopter gunship footage, which WikiLeaks released under the banner of "Collateral Murder."
Obviously, the stolen data didn't make the State Department or Army look good. Likewise, WikiLeaks ultimately released the cables in unredacted form, which the U.S. government said put at least 100 confidential diplomatic sources at risk.
But questions remain about whether the Army's plan to analyze keystrokes to spot malicious insiders would be affordable, feasible, or even help prevent the next big breach. As an anonymous information assurance engineer posted to a related DataBreaches.net discussion, technology is only a first step. Someone still has to investigate potentially malicious behavior, and that requires substantial time and effort. "I see a large stream of data and an overwhelmed staff who eventually cannot keep up. Heck, just look at most places that can't even keep up to look at event logs. Now an additional layer of burden is brought upon an already overworked staff," said the engineer.
Indeed, security experts have suggested that the Army's plan "is going to take an army of people to run this stuff, deploy it, analyze the data, and act on it effectively," said Crawford at Enterprise Management Associates. "And that's true, to a point. But big data platforms are designed to handle this--though the analytic techniques may still be playing catch-up."
To be clear, he said that the analytic techniques are good enough, but using them in the big data way that the Army is proposing will require advancing the state of the art. Still, when it comes to crunching big data sets, "these are things that the Hadoop file system and MapReduce are specifically designed for," Crawford said. "They may be able to analyze this in hours instead of days. But is that fast enough?"