In my previous post "What's the potential of the IM security market? Symantec thinks big" I commented on various IM market security trends, namely Symantec's acquisition of IMLogic. It's also worth mentioning how a market leader security vendor was able to quickly capitalize on the growing IM market, and turn the acquisition into a valuable solution on the giant's portfolio of solutions. What's also worth mentioning is the military interest in instant communications in today's network centric warfare powered battlefield. Today I across an interesting recent development, namely that :
"The US Army, Navy, and Air Force have deployed protected interoperable instant messaging (IM) systems among the threebranches. Army Knowledge Online, Navy Knowledge Online, and theAir Force’s Knowledge Management Portal built the IM systems for 3.5 million users from Bantu's Inter-domain Messaging (IDM)gateway, a policy-driven with role-based access controls. The system will carry messages over sensitive and secret networks, and can populate a user's contact list with appropriate officials in the chain of command. Intelligence agencies will hook into the system to work with the military, and the Department of Homeland Security is also interested in the IM system."
Flexible military communications have always been of great importance, and flexibility here stands for securely communicating over insecure channels -- IP based communications. While you might have not heard of Bantu before, to me their real-time network for interagency communication sounds more like a security through obscurity approach -- temporary gain and possible long term disaster.
Could the instant communication finally solve the Intelligence Community's information sharing troubles?
In a relatively recent report I came across, "a survey was hosted on the Secret Internet Protocol Router Network (SIPRNET) so that personnel could respond to the survey from the convenience and privacy of their own workstations." in order to measure the communication requirements of various staff members, some of the findings worth mentioning :
MS Chat was used by at least 50% of all command groups
- 100% of Afloat Staffs, 86% of Carriers, 78% of Cruisers & Destroyers, 50% of Support
XIRCON was used by 28% - 50% of command groups
- 50% of Support, 41% of Carriers, 32% of Cruisers & Destroyers, 28% of Afloat Staffs
Lotus Sametime was used by 0 – 44% of command groups
- 44% of Afloat Staffs, 16% of Cruisers & Destroyers, 10% of Carriers, 0% of Support
mIRC was used by 13 – 33% of command groups
- 33% of Support, 23% of Carriers, 22% of Cruisers & Destroyers, 13% of Afloat Staffs
Lotus Sametime and mIRC seem to be only survirors, still the implications of using the above in respect to the powerful execution of various network centric warfare events, would definitely raise not just my eyebrows for sure. Two years ago, led by IMLogic a consortium on IM threats was established, the IM Threat Center, an indispensable early warning system for anything related to IM malware.
Would age-old IM threats re-introduce themselves on military networks like never before? Whatever the outcome, information overload wouldn't necessarily be solved through instant communications, but in a combination with powerful visualization concepts as well.
The post recently appeared at LinuxSecurity.com "IM me" a strike order"
Technorati tags:
Security, Military, IM, Technology, Symantec, Bantu
Wednesday, April 12, 2006
"IM me" a strike order
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com