Cloud Storage Increases Threat To Military Networks
July 23, 2013
SEOUL, SOUTH KOREA - The latest cyber challenge that Army networks in South Korea, as well as the Department of Defense, is facing is the increasing use of internet based, or cloud, storage services which pose network vulnerabilities.
File sharing within DoD networks has its challenges. Over the years and into the future, balancing security, network resources and capability with user convenience has and will continue to challenge Army communicators.
"We provide a critical service to war fighters, that is our mission, that is our priority," said Col. Paul H. Fredenburgh III, commander of 1st Signal Brigade. "To accomplish that mission we hold both cyber security and functionality paramount in the operation of our networks."
There used to be a time when an authorized user could finish a power point presentation, put it onto a flash drive and run it across the street for an important briefing. Today, flash drives have been blocked due to their susceptibility to viruses and other malicious software.
Collaborative tools such as Adobe Connect and Share Point are more secure and have since replaced the need for flash drives in most situations. However, DoD employees occasionally have a need to transfer or share large files outside of their local networks and are just too big for email. A good number of them have turned to commercial solutions to transfer their large work files.
"Most of us are familiar with Dropbox, Google Drive, Sky Drive, and iCloud from our personal computers, so it is only natural to turn to those services while at work," said Lt. Col. Troy D. Lewis, 1st Signal Brigade operations officer in charge. "The problem is, the files are out of the control of DoD security protections. They are stored on civilian servers that can be accessed by personal computers that may be infected with viruses; this serves as a threat if the files are reintroduced to military networks. Additionally, most of the information that is transferred is classified as 'For Official Use Only' which means it is not authorized outside of DoD networks and work places."
Access to these services, by military, civilian, and authorized local nationals, pose an increased security threat to DoD networks because in most instances, the transfer of data occurs over an encrypted link. This hinders the ability of antivirus software to detect viruses, malware, or the unauthorized transfer of government data.
"We are encouraging our users to take advantage of similar services provided by the military; such as milSuite, Army Knowledge Online (AKO), and AMRDEC-SAFE (Safe Access File Exchange)," said Lewis. "These services do the same thing, most people just don't realize that they exist or realize that they provide the services that they need."
MilSuite is a collection of online applications with similar function to Facebook, youTube, Wikipedia, and Wordpress. The apps focus on improving the methods of secure collaboration for the DoD.
AKO provides enterprise information services and is common to a majority of Army personnel. AKO allows users to securely upload, share, and store files and documents.
AMRDEC-SAFE allows DoD members to share files up to 2 GB with other DoD members.
1st Signal Brigade has the direct responsibility for protecting and administering DoD and U.S. Army networks in South Korea as well as well as deploying communications capabilities within the Asia/Pacific region on short notice.