• On The Insider: Britney's Bikini-Clad Top 10
February 28, 2009 4:06 PM PST

Data about Obama's helicopter breached via P2P?

by Charles Cooper
  • Font size
  • Print
  • 57 comments
President Obama's first flight in Marine One.

President Obama's first flight in Marine One.

(Credit: White House)

An Internet security company claims that Iran has taken advantage of a computer security breach to obtain engineering and communications information about Marine One, President Barack Obama's helicopter, according to a report by WPXI, NBC's affiliate in Pittsburgh.

Tiversa, headquartered in Cranberry Township, Pa., reportedly discovered a security breach that led to the transfer of military information to an Iranian IP address, according to WPXI. The information is said to include planned engineering upgrades, avionic schematics, and computer network information.

The channel quoted the company's CEO, Bob Boback, who said Tiversa found a file containing the entire blueprints and avionics package for Marine One.

"What appears to be a defense contractor in Bethesda, Md., had a file-sharing program on one of their systems that also contained highly sensitive blueprints for Marine One," Boback told WPXI.

Tiversa makes products that monitor the sharing of files online. A representative for the company was not immediately available for comment.

Boback believes that the files probably were transferred through a peer-to-peer file-sharing network such as LimeWire or BearShare, then compromised.

Charles Cooper has covered technology and business for more than 25 years. Before joining CNET News, he worked at the Associated Press, Computer & Software News, Computer Shopper, PC Week, and ZDNet. E-mail Charlie.
Topics:

Privacy & data protection,

Vulnerabilities & attacks

Tags:

P2P,

Marine One,

Obama helicopter,

Iran

Share:
Digg
Del.icio.us
Reddit
Recent posts from Security
Log in with your face
See what's under McAfee's new interface
26 Windows, Office holes patched in 13 bulletins
McAfee: Spammers exploiting more news stories
Microsoft, Google split over browser bug bounty
Verizon temporarily blocks some 4chan sites
Security software maker Vitamin D exits beta
China breaks up Black Hawk hacking ring
Related
New year, new policy push for universal broadband
Web searches for iPad leading to malicous sites
FCC wades through Net neutrality comments
Behind the China attacks on Google (FAQ)
At stake in broadband push: Wireless spectrum
State Dept. presses China ambassador on Google
Reporters' Roundtable Podcast: Google vs. China
Government warns of looming cyberthreats
Add a Comment (Log in or register) Showing 1 of 2 pages (57 Comments)
by ddhboy February 28, 2009 4:51 PM PST
I hope someone told the Obamas to turn of Limewire while their in the White House.
Reply to this comment
by Imalittleteapot February 28, 2009 11:48 PM PST
Too late now. Now the RIAA is just going to have to sue Obama for $100,000 per song. Yup. That'll teach him.
by txlakeside March 2, 2009 1:16 PM PST
DA ... a contractor had the p2p installed not OBAMA ... what a moron!
by ddhboy March 5, 2009 1:57 PM PST
@xlakeside<br />I see that humor isn't your area of expertise.
by terminalblue February 28, 2009 5:40 PM PST
seriously, if Obama is using Kazaa, then we are all ****** <br /><br /><br /><br /><br /><br /><br /><br />(its sarcasm, no one uses Kazaa)
Reply to this comment
by gerrrg February 28, 2009 5:46 PM PST
Maybe the title should read, "Data regarding Obama's helicopter breached via P2P?"<br /><br />For a moment I thought data onboard the helicopter itself was compromised.
Reply to this comment
by Michichael March 1, 2009 2:57 AM PST
Yeah, misleading title. I thought the helicopter's computers were breached, not the schematics.
by cjalba March 1, 2009 3:20 AM PST
yeah, i agree, title is misleading. I almost panicked.
by dennisl59 February 28, 2009 6:01 PM PST
This is just f-ing great! Good Job Federal Government. MORONS!!! <br /> <br />We need to know who this is: <br /> <br />"What appears to be a defense contractor in Bethesda, Md" (General Dynamics, SAIC...???) <br /> <br />Who and how many employees are being fired and arrested by the FBI and were they on a H1B visa.? <br /> <br />Citizens, this is Espionage!!! <br /> <br />FUBAR
Reply to this comment
by defense10x March 1, 2009 6:06 AM PST
Well...Lockheed Martin...who is building the next presidential helicopter (which this issue is probably about) is headquartered in Betheda, Md. Their helo..VH-71 is under heavy scrutiny by the administration as well as the senate.
by inverse137 March 1, 2009 3:15 PM PST
First off, it says in the article that it was a contractor that had the compormised computer, not a government employee: "What appears to be a defense contractor in Bethesda, Md., had a file-sharing program on one of their systems that also contained highly sensitive blueprints for Marine One."<br /><br />Second, you obviously have some sort of white supremacist, hillbilly NRA agenda. Why don't you just come out and say it?<br /><br />Third, reading is fundamental. Perhaps you should memorize that slogan.<br /><br />[Editor's note: Personal attacks removed]
by Seaspray0 March 4, 2009 8:41 AM PST
@inverse137. Have you ever seen the white supremacist hillbilly NRA agenda? I'm not supposed to tell but... "1. Get beer. 2. Drink beer." Now what's so wrong with that? I think it's a great agenda. Where can I sign up?
by mikestatic1 February 28, 2009 7:41 PM PST
I'll bet the RIAA is going to sue Obama for sharing MP3's on Limewire...
Reply to this comment
by tehrani625 February 28, 2009 8:00 PM PST
So, our government is contracting to companies that use P2P software that is used to break copyright laws? That means that the recovery package will include free itunes gift cards right?
Reply to this comment
by shootthecops February 28, 2009 8:03 PM PST
funny it takes place in iran too, hope the US govt has the sense not to fly him around in that thing after all the security details have been leaked.
Reply to this comment
by pbradleyii February 28, 2009 9:40 PM PST
This is just an excuse for President Obama to go ahead and get the snazzy new billion dollar helicopters that are already being developed and built for the president after he said he didn't need any new helicopters. <br /><br />"Well, I really don't want to spend the taxpayers money, but now with this data breach we have to get the new choppers..."<br /><br />I don't blame him, I'd go for the new ones also.
Reply to this comment
by BigOldCar March 1, 2009 6:37 PM PST
Um, no, I'm pretty sure it's the blueprints to the NEW helos that were leaked, seeing as the existing fleet of Marine One helicopters has been ferrying around POTUSes since Nixon.
by ecotopian--2008 February 28, 2009 11:13 PM PST
Somebody at that Defense Contractor outfit is going to be in Very Big Trouble.
Reply to this comment
by tketcher March 4, 2009 10:30 AM PST
Yes, among other crimes he would likely be charged with is Treason and rightfully so.
by adamfisk February 28, 2009 11:51 PM PST
As a p2p developer who wrote a good deal of the LimeWire code, I'm highly suspicious of this claim. For this to be true, the employee at the defense contractor would have to explicitly share the file containing blueprints for the helicopter, i.e. they would have explicitly wanted to make that information available. This would be less a "breach" than an intentional sharing of confidential data -- more like a spy than some infiltration.<br /><br />What's more, how do they know it was breached via p2p and not via another attack on open ports on the computer? It's not trivial to determine that. Just blame ol' p2p is the easy answer, but likely not the correct one.<br /><br />-Adam Fisk
Reply to this comment
by AdeBarkah March 1, 2009 12:37 AM PST
Explicit sharing is not necessarily needed.<br /><br />Unintended p2p breaches usually happen because someone in an organization installed a compromised p2p client, i.e., one containing a backdoor, trojan, keylogger and/or other malware. The compromised client then sends out confidential information along with other p2p traffic. Social engineering could be used to entice someone inside a targeted organization to install the compromised client.<br /><br />I don't have first-hand info into this incident, but presumably Tiversa during their traffic analysis noticed that this particular file was actively being shared via some p2p protocol.<br /><br />Looks like this particular organization needs to implement an effective data-leak prevention program.
by japrovo88 March 1, 2009 10:39 PM PST
I would agree with AdeBarkak, I work computer support for my university, I get to remove the mail \ware crap daily, one thing I noticed when all the students came back from winter break was that almost all mailware cases had a compromised p2p clients with some really nasty back doors. Since P2P is blocked on campus this problem only occurs after breaks I am not looking forward to coming back from spring break.
by adamfisk March 2, 2009 12:01 AM PST
@AdeBarkah What you're talking about has nothing to do with p2p or not-p2p. You're saying "software can get infected with backdoors, trojan, keylogger and/or other malware." As in, the browser you typed that on is just as vulnerable as any p2p program, just as vulnerable as Microsoft Word, Skype, AIM, etc etc etc. Come on -- as someone who clearly has an understanding of this stuff, you have a responsibility to make that kind of thing clear. There are so many ports listening on Windows, p2p is hardly the primary target of this type of thing. What's more, he's not even saying it was a compromised p2p client -- he's just saying a plain old vanilla one was friggin' installed.<br /><br />They noticed it being shared on a p2p network, *but that doesn't mean it was the cause of the breach*. For all we know, or Tiversa knows for that matter, it was flying around in e-mail all over the world before ever winding up on a p2p network. That's just where they happened to find it (again, in Iran, shocker of shockers).
by Anti-Obama March 1, 2009 6:01 AM PST
How much do you want to bet that it was no f'ing "breach" of security? More like that maybe some individual's personal Blackberry that only a select few are able to comm with may have been involved, hmm? There just so happens to be someone who is a passenger on that chopper that does not have the best interest of the USA on a regular basis. In fact his citizenship is becoming a growing question and concern among a growing portion of the population right now! I won't tell you his name but his intials are Barak Obama/Soetero who just so happens to be a fan of Ahmadinnerjock. There is way too much monkey business going on in DC these days, how much is actually being observed?
Reply to this comment
by cidman2001 March 1, 2009 6:48 AM PST
Step away from the tin foil....you obviously don't need a new hat...
by Dylan_Wisor March 2, 2009 5:21 PM PST
You're behind the times. People stopped calling his citizenship into question months ago.<br /><br />Also "Barak Obama/Soetero" are not initials.
by chicagonettech March 1, 2009 7:07 AM PST
Whether or not an actual breach of security took place, if an actual file was found on a computer outside of the contractor's facility, this situation needs to be investigated. <br /> <br />There have been too many unaccounted laptops and hard drives in recent years. There have been too many actual instances of data leaking out of facilities for this to be ignored. <br /> <br />In the interim, all computers on the contractor's network need to be disconnected from the world - shutdown if necessary. While many will consider this a radical step, there is nothing too radical when it comes to absolute computer security in a defense contractor or high-level government environment. <br /> <br />We're not talking about someone?s rights to load software on a computer here. We're not talking about someone's right to share files with friends. Those rights end when you go to work for defense contractor. You authorize inordinate supervision and surveillance of yourself, your family and your friends as soon as you accept such a job - willingly. <br /> <br />Carelessness and sloppiness - "we can bend the rules just this one time" - is unacceptable when it comes to national security. <br /> <br />A complete audit of the contractor's facility, done by someone like the FBI, now needs to be made. <br /> <br />They need to investigate who has access to what computers, what knowledge, how the internal data flow take place, how social engineering security is handled, etc. Defense contractors need to be "squeaky clean" before they are allowed to continue once a date breach has even been alleged.
Reply to this comment
by gggg sssss March 2, 2009 4:00 PM PST
microsoft digital rights managemnet is the answer here of course. Go M$
by Seaspray0 March 4, 2009 8:50 AM PST
@gggg sssss. It's the data that contains DRM, not the operating system. You've been told this before so quit acting ignorant. As for DRM, it's an industry standard based on computer certificates. If you want to compain about that, you'll be taking on verisign, thawte, go daddy, and every website that offers a secure SSL connection.
by nowaygop March 1, 2009 7:16 AM PST
wow, it must be tough to live your life completely paranoid Anti-Obama....or maybe your just carrying forward to the distrust created by our last dumb ass republican leader
Reply to this comment
by chicagonettech March 1, 2009 7:29 AM PST
On the contrary - I voted for Obama - he's was my Congressperson prior to being elected to President. <br /> <br />I just believe in being paranoid about all kinds of security - especially computer security - where I have worked for the last 25 years without incident. There are certain jobs where you give up some of your ability to interact on the same social level you might have been accustomed to acting prior to accepting those jobs. Working for a defense contractor is one of them. Just like working for the FBI, an one of the several other intelligence communities, or being a member of the military is another. <br /> <br />I fully support both Obama and his desire to be open and transparent about what goes on in government. His use of the Internet to communicative with the American people is unprecedented and will ultimately be of great benefit. <br /> <br />When it comes to the security of contractors who are working on projects for the military, however, there is no place whatsoever for compromise. If the plans for Marine One were actually compromised then the situation borders on treason and should be treated accordingly.
by ralfthedog March 2, 2009 7:36 AM PST
I think he was talking about the comment by the paranoid wackjob named Anti-Obama. Your comment was perfectly reasonable.
by ferretboy88 March 1, 2009 7:30 AM PST
The guy who did this should be killed.
Reply to this comment
by dennisl59 March 1, 2009 11:40 AM PST
I will bet ONE(1) TRILLION DOLLARS, of the Government's Money, the person that did this is on a H1B Visa. <br /> <br />OR <br /> <br />They hold the DOD Top Secret/SCI Polygraph;Lifestyle Clearance or above. <br /> <br />Either way...They will not be prosecuted to the fullest extent of the law: Life in Prison without Parole in SuperMax. <br /> <br />Anyone care to wager?
by Dylan_Wisor March 2, 2009 5:23 PM PST
Oooh, ahhhh. Someone's been reading Tom Clancy novels.
by blablainFargo March 3, 2009 10:55 AM PST
And I bet TWO (2) TRILLION DOLLARS, that the person is not on an H1B visa. Typically this kinds of jobs require some security clearing and require citizenship. You can even get a job at the USDA working with plants without citizenship. Besides, you don't have to be a foreign to become a spy o have interest in damaging the USA, remember Julius and Ethel Rosemberg or Aldrich Ames. I suspect you and others trying to blame this on foreign workers are a little bit over-paranoid and xenophobic.
by skyscraperjim March 1, 2009 9:12 AM PST
Loose lips sink ships.
Reply to this comment
by 451422 March 1, 2009 11:22 AM PST
Here we go. First the nim-rod claims during his campaign he'd give four days notice before signing the recovery plan. Right, he went on vacation and the recovery.gov site didn't go up until a day before. Then he insists on keeping his BlackBerry (that will get breached next). Now he's a dingleberry with this stunt. God help us all.
Reply to this comment
by JimJonesBlog March 1, 2009 11:41 AM PST
If I didn't know better, I would think you voted for McCain. lol<br /><br />You do realize that this breach was due to an employee working for a private defense contractor? That it has nothing to do with Obama or the White House? <br /><br />You do realize that a breach of this nature will make Marine One vulnerable to attack and therefore Obama's life is in danger should he use this air craft in the future? <br /><br />Btw - He indicated weeks before Congress passed the recovery bill that he planned to sign it on President's Day. The bill was passed on a Friday and he signed it on the following Tuesday... Fri, Sat, Sun, Mon, Tues... How many days was that? He said for several weeks that as soon as the bill is signed, Recovery.gov would go live. The site went live about an hour before he signed the bill. And in this day in age, wouldn't you rather have a president that uses modern technology like a Blackberry rather than sitting around a desk and handwriting letters? <br /><br />God, please help 451422.
by ralfthedog March 2, 2009 7:40 AM PST
The Blackberry is not for official use. It is so he can send text messages to his kids, wife, and friends. If he needs to communicate in an official matter, one of his Secret Service agents hands him a different device.
by podpalacz March 1, 2009 11:42 AM PST
what is so secret about it? you don't need any plans to KNOW that this halo is equipped with best missile countermeasures available ,extra fuel ,most likely armored etc.<br /><br />now how possibly can you use it against this chopper?<br />much more viable data is flight plans and patterns - you could potentially use it to set an ambush or something but as soon as breach is discovered everything is changed .<br />you have question -is this being used to warn Iran that WE CAN FIND A REASON?(just like previous administration did on Iraq) <br />When I hear news like this I think it means smoke curtain for something bigger.
Reply to this comment
by ralfthedog March 2, 2009 7:46 AM PST
Where is the armor thin? Where are the fuel lines? What ECM does it use for radar guided missiles? (How can you use this to guide a missile in?) Where are the antennas used for ECM? ...
by Seaspray0 March 4, 2009 8:57 AM PST
@ralfthedog. I don't know. Maybe you should ask that guy in Iran who has that IP address.
by kurtjr March 1, 2009 11:43 AM PST
I love how everyone is blaming Obama. Idiots.
Reply to this comment
by SeizeCTRL March 1, 2009 1:14 PM PST
After 8 years of everyone blaming Bush, it's kind of refreshing having someone new to blame ;) <br /><br />I kid I kid! Seriously though, I know what you mean... it has nothing to do with Obama. It was a defense contractor and these choppers were already on order from the Bush administration.
by Cessna707 March 1, 2009 12:35 PM PST
Perhaps we can thank who for this failure? Where are the Chuck Norris's in our government to kick some butt and get everyone on the same page. So what do we do now? More wasted money.
Reply to this comment
by sirpig March 1, 2009 1:30 PM PST
espionage is a "daily" reality. Evidently stolen data is not the first time this has happened nor will it be the last. Everyone "takes/steels" information, the Russians from Chinese, the Chinese from Americans and the Americans from the Russians. "This has become an ongoing norm". And just because you heard about it and want to jump up and down and see someone take a fall. Maybe out a CIA agent?
Reply to this comment
Showing 1 of 2 pages (57 Comments)
advertisement

Google's social side aims for some Buzz

Facebook and Twitter are the darlings of the social-media world, not Google--which hopes to change that with Buzz, betting it can organize your online social life.

Watching the birth of a gaming start-up

Stewart Butterfield and his friends are back at it with a new company. CNET's Daniel Terdiman was given exclusive, behind-the-scenes access as they built it from scratch.

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET