Pages

Monday, August 26, 2019

The Navy Cloud

Breaking Defense website has an article announcing the Navy’s push to convert from multiple networks to a single Amazon Web Services cloud based data storage/sharing system. (1)

While the benefits are obvious and loudly trumpeted by the Navy, the dangers are waved away and not discussed. 

To illustrate, in my personal life I’ve moved to a 100% local data storage system, meaning, all my files are on jump drives in my possession.  I have no data files on my PC, whatsoever, and none on any cloud service.  Why?  Because there is no such thing as a secure Internet/cloud system.  Every system has been and will repeatedly be compromised.  It’s not through lack of effort by the system owners.  It’s simply impossible to protect data that can be accessed and, indeed, is designed to be accessed. 

My jump drives, on the other hand, cannot be accessed.  They are completely secure.  When I access them, I do so on an isolated computer that acts as a connectivity gap.  The modified files are then loaded on a dedicated transfer jump drive for subsequent uploading to the Internet on a dedicated and protected PC.

Think about the last few years.  Every company swears to us that if we’ll give them our data as we conduct transactions with them, the data will be protected and secured on their impenetrable networks and, yet, we hear week after week about another major company whose data has been compromised.  How many times have you been warned that your personal data, being held by xxxx Corporation, may have been compromised and that you should change your passwords (at that point, they’ve already got your information – changing your password is pointless but if you want to secure the barn door after the horses have left, go ahead)?

So, I pose the question, why do we believe that Amazon Web Services will be somehow immune to the now routine hacking that every other company is subject to, and victim of?  The answer, if we’re being honest and realistic, is that the Navy’s Amazon cloud will be just as vulnerable as every other system.  I know, people are going to write comments about the latest ten thousand bit encryption protection system or whatever.  You know … the same kinds of protection that every other hacked system has had.

Another drawback to consolidating all of the Navy’s information is that if when an enemy does successfully hack the system, they’ll get EVERYTHING.  The current situation, where data resides on many different systems may be inefficient but at least it has the unintended benefit of limiting the amount of data that any one successful hack can acquire.

Okay, so there are dangers associated with this cloud data storage that the Navy has not bothered to share with us but is that the end of the story?  Not quite.  What have we constantly said about military programs?  We’ve said that everything should run through the filter of, “will this improve our combat capability”?  If the answer is no, we shouldn’t be doing it (oops, there goes our gender sensitivity training!).  If the answer is yes, then we’re okay.  So, does moving to cloud storage, with its attendant dangers, improve our combat capability?  Let’s see what the Navy has to say.

One of the biggest benefits to the Navy, Geurts [Navy acquisition chief James Geurts] said, is that sailors and civilians on the pier or on the flight line will be able to reach into the cloud to keep an eye on parts bouncing through the pipeline …

Okay, tracking spare parts is certainly a peacetime convenience.  Whether ‘keeping an eye’ on parts will actually produce the requisite number of parts or simply allow people to verify that the parts are unavailable, is not clear.  Currently we suffer from a lack of necessary parts.  Being able to track that isn’t going to produce the non-existent parts, it will just verify what we already know.  Now, if we have plenty of parts but we’re having problems shipping the parts to the needed locations then this might help.  Of course, we already have multiple systems that are intended to do that so why this system will work and the others haven’t, has yet to be explained by the Navy.  Well, I’ll explain it to you.

The problem with current systems is not that they can’t track a part – that’s computing child’s play - , it’s that the data inputs are garbage and you know the ancient computer axiom:  GIGO (garbage in, garbage out).  Heck, it’s scratched on cave walls!  We’re not taking the time to accurately input parts inventories.  Well guess what?  If we don’t accurately input parts inventories to the cloud, it will be just as inaccurate as what we have now.  ‘The Cloud’ is not magic.  It’s only as good as our data inputs which, apparently, are horrendous.  That’s not going to change.

Moving on …

Simply put, “it will increase the visibility of the data,” Navy Comptroller Thomas Harker added. “Right now, in order to run audits the Navy has to pull data from nine different systems, not all of which are configured the same, and then slice it and dice it and put it all together.” Working that way is time consuming, and “creates challenges in financial reporting.

So, this will allow for easier, more accurate(?) audits.  That’s nice but that does nothing for our combat capability so why are we doing this?

Any other benefits?

If the Pentagon fails to build a common system to share data rapidly among units in different services and different globally-dispersed theaters, it’ll fail to implement the kinds of high-speed, AI-assisted Multi-Domain Operations that military leaders say are imperative in potential future conflicts against advanced adversaries.

So, this cloud will somehow, in some unexplained manner, provide ‘high-speed, AI-assisted Multi-Domain’ operations.  Buzzword bingo, anyone?  Sure, the enemy will be raining old-fashioned artillery shells down on us but we’ll crush them with ‘high-speed, AI-assisted Multi-Domain’ operations.  The poor bastards will never know what hit them. 

When you don’t have any good justification, just string together a bunch of buzzword phrases.  This looks to be a perfect example of that.

This cloud effort sounds like an exercise in convenience rather than combat capability.  It also sounds like a venture that has a lot of potential for profound, unintended, negative consequences.  Hey, China, would you like one-stop shopping for all of our data?  Come hack the cloud!


____________________________________ 

Side Note:  F-35 ALIS Case Study in the Making

The Air Force, frustrated with the abject failure of the F-35 ALIS logistics and combat planning software, has instituted a ‘Mad Hatter’ program to transfer the ALIS functionality (the theoretical functionality because, you know, there is no actual functionality!) to cloud servers and a bunch of apps.  In addition to being non-functional, ALIS is also, apparently, quite vulnerable to cyber attack.

… with the current setup, ALIS may be so vulnerable that Robert Behler, the OTE [Director, Operational Test and Evaluation – DOT&E] director, thinks the program should be able to operate for a month without hooking up to it at all. Now that’s a bad sign. (2)

So, as with the Navy’s plan to migrate to cloud storage, no one is explaining how ‘the cloud’ magically eliminates cyber threats whereas the previous, highly encrypted, well protected computing system could not. 


____________________________________

(1)Breaking Defense website, “Navy Takes First Big Step To Cloud, Pushing Logistics To Amazon’s Service ”, Paul McLeary, 23-Aug-2019,
https://breakingdefense.com/2019/08/navy-takes-first-big-step-to-cloud-pushing-logistics-to-amazons-service/

(2)Defense News website, “Air Force Tries To Fix F-35’s ALIS — From A Big, Broken Box To the Cloud ”, Colin Clark, 6-Mar-2019,
https://breakingdefense.com/2019/03/air-force-moving-f-35s-alis-from-a-big-broken-box-to-the-cloud/

47 comments:

  1. I love your posts, but I am going to disagree with you here: A single-vendor cloud environment is a good idea for the Navy. It’s probably one of the only good ideas I’ve seen in the past few years, in my opinion.

    Unlike other commercial companies that most people deal with that basically just give a pinky promise to protect your information, the Navy will almost certainly be running its own virtual datacenters from within Amazon's environment. That means the Navy controls their servers, internal networks, and access controls. The Navy can still segment its data off within Amazon's services, can still encrypt its data, and can take other data loss mitigation efforts. The Navy most certainly isn’t turning over the keys to the kingdom to Amazon.

    Amazon will probably just be in charge of providing and protecting the physical hardware... which is located in a series of Fort Knox-style datacenters that already host other services' data.

    And yes, buzzwords suck. Someone is itching to get promoted.

    ReplyDelete
    Replies
    1. What you just described, has been what every large corporation that's been hacked described before they were hacked. Every corporation has their own isolated, encrypted, controlled, regulated, protected servers and networks and, yet, they still get hacked.

      If you've been following the news closely, you've noted that the US military is hacked on a regular basis despite having all the protections you've described - and those are only the attacks that have been publicly acknowledged! The US acknowledges that China probably has all the design data on the F-35, for example, despite our best efforts to secure and protect it.

      I can go on and on with examples but if you're commenting on this then you presumably know the list of cyber security failures as well as I do. Despite this, you now claim that this venture will be different. This venture will be the one that no one can hack. Well, that's faith and blind hope. Unfounded faith. Historically contradicted faith. But faith nonetheless.

      Have you been reading the DOT&E annual reports that document the military's cyber vulnerabilities? They're staggering! But this venture will be secure!

      Of course the Navy is going to take all the preventative measures it can - just like every hacked company has done and many of those companies had better IT groups than the Navy has! - but the simple fact is that there is no hack-proof system.

      I assume you're familiar with the Pentagon's recent annual hack-a-thons where they pay hackers to attack systems so as to find the vulnerabilities (a great idea, by the way)? Every time they do that, they get dozens to hundreds of successful hacks within the first 24 hours and that's with all the protections that you mention. But this venture will be secure!

      I'm glad that you enjoy the posts and I thank you for letting me know that but I've got to disagree with your disagreement. After everything I've just laid out, are you still sure this venture will be secure? By the way, you might want to do an Internet search of the multiple reports that Amazon has been hacked multiple times.

      Are you still sure?

      Delete
    2. It’s not that moving to AWS will make the Navy's computers invincible (that’s impossible). What it will do is make it better than what the Navy has now, which is a disjointed and woefully insecure series of networks.

      “After everything I've just laid out, are you still sure this venture will be secure? By the way, you might want to do an Internet search of the multiple reports that Amazon has been hacked multiple times.”

      Please define “secure.”

      Delete
    3. secure = unhackable

      Also, to return to the point of the post, how will this improve our combat capability?

      Delete
    4. [Note- my apologies, I failed to hit the reply button to you post and instead created a new top-line reply. Feel free to curate!]

      "secure = unhackable"

      This is impossible.

      "Also, to return to the point of the post, how will this improve our combat capability?"

      Directly? Hardly at all.

      Indirectly? Definitely. The Navy should expect significant increases in uptime and availability just from having a stable environment for its servers. Just that alone improves the logistics pipeline.

      Delete
    5. "Note- my apologies, I failed to hit the reply button to you post and instead created a new top-line reply."

      No apology needed. This blog system is not very user friendly, at all. I struggle with it, too. Unfortunately, almost none of the user interface is controllable by me so there's almost nothing I can do to enhance it.

      Keep commenting and don't worry about where it ends up.

      By the way, while I'm disagreeing with you, your comments are contributing to a worthwhile discussion for readers to think about. I'm not interested in 'winning' the discussion, just in exploring it and you're aiding in that effort. Thanks!

      Delete
    6. Most IT people regard cloud services as more secure than other kinds of networks, not less.

      Delete
    7. Would these be the same IT people who worked at any of the dozens of major companies that have suffered data breaches over the last few years? I'm guessing that most of these companies had cloud-based data systems.

      Delete
    8. It'd almost certainly be a mixture.
      Most companies are still transitioning their legacy systems to AWS or Google cloud networks.
      The reality is that any network is inherently vulnerable.
      Cloud networks are just vulnerable in different ways. It's as secure as you make it. Same thing applies to older networks.
      The biggest single danger of cloud networks is actually insider hacks.
      But overall, implemented correctly, cloud networks can become much more difficult to penetrate and when access is gained, the information exposed can be more easily isolated.
      But, like I said, its only as secure as it's architecture and the ability for the peolle using it not to allow unintended access.

      Delete
    9. Actually, the vast majority of data breaches aren't cloud based and cloud has basically nothing to do with security in general.

      The US military IT issues, largely stem from having 10k+ different environments and systems with cut rate IT running things.

      That's not what is being considered here. This would be a private cloud system administrated and run by AWS in the same vein as the AWS cloud that is run for the intelligence services. It would be top notch physical and digital security practices along with top end operations and operations people.

      Delete
  2. "secure = unhackable"

    This is impossible.

    "Also, to return to the point of the post, how will this improve our combat capability?"

    Directly? Hardly at all.

    Indirectly? Definitely. The Navy should expect significant increases in uptime and availability just from having a stable environment for its servers. Just that alone improves the logistics pipeline.

    ReplyDelete
    Replies
    1. "This is impossible."

      That's my point. There is no security benefit to be gained from this move and several attendant dangers to go along with the convenience benefits. Is it worth it, overall? Hmm …

      "Indirectly? Definitely. The Navy should expect significant increases in uptime and availability just from having a stable environment for its servers. Just that alone improves the logistics pipeline."

      That's a very debatable proposition. How is this going to be more stable and provide more uptime? Are the current servers somehow inherently less stable? I don't think so. Unless the Navy has been grossly neglecting their server maintenance (as they do ship maintenance!), the servers will experience the same uptime and failure rate that any servers do. So, no gain there.

      Now, the possible benefit … Will a 'better' database help with ship/aircraft maintenance and availability? Well, the major problem, according to reports, is lack of spare parts - they just aren't there. They're no longer manufactured, they were no ordered in correct quantities, the spares budget is too small, etc. No database can create new parts that don't exist. So, the database won't help with that.

      What it could help with is the smoother flow of existing parts. I say could because the database software is only as good as the data input and, as I pointed out in the post, another major problem is incorrect and missing data input. Again, no database can create good data out of bad or missing data. So, no help there.

      So, we have two major problems:

      1. non-existent parts
      2. incorrect/missing data

      and one minor problem:

      1. poor tracking of existing parts

      So, this move won't and can't help with the two major problems and might help with the minor one. So, once again, how does that translate to improved maintenance and combat capability?

      Consider this all-too-likely scenario: The aircraft is missing several parts. The new database works flawlessly and gets two of the parts instantly into the hands of the maintainers. However, two more parts simply don't exist and yet another two parts exist but no one has entered their data and location and no one knows where they are, if they even exist. Thus, the aircraft continues to sit. The new database did nothing to increase the aircraft's availability.

      What this new database might do is to provide more reports and marginally help with auditing - neither of which are productive or combat related.

      You clearly love the idea of streamlined, new database. That's fine. However, when I run it through the filter of combat improvement, as noted in the post, I get an answer of very little combat improvement which makes me question whether it's worth the effort. Remember? If it doesn't enhance combat capability, we shouldn't do it. It might enhance report writing or audits but those are conveniences, not warfighting.

      Delete
    2. “There is no security benefit to be gained from this move and several attendant dangers to go along with the convenience benefits”

      I disagree- there is an enormous security improvement opportunity. Just because we can’t have perfect security doesn’t mean it can’t be any better. The Navy is going to be consolidating their many different systems into one environment. The Navy can now better manage security standards across a single environment. Contrast this with a multitude of different networks that have to be individually managed and patched.

      The Navy directly identified having multiple networks as being a security risk due to its difficulties managing them, and this is one of the reasons they’re going this route.

      “Unless the Navy has been grossly neglecting their server maintenance (as they do ship maintenance!)”

      If there’s one truism in non-IT organizations, is that IT is treated worse than the rest. If the Navy’s warfighting is suffering, I can only imagine how poor their IT is "under the hood."

      Anyways, AWS advertises a 99.99% uptime percentage SLA. I don’t know the Navy’s current uptime figures (I suspect they are classified), but I bet they’re far worse.

      “Now, the possible benefit … Will a 'better' database help with ship/aircraft maintenance and availability?”

      Everything I have read said that Amazon is running the server hardware, not running the applications. Unless more details come out spelling out what is entailed, it is too early to know whether Amazon can improve on the applications that the Navy is using.

      This means that it'll be the same programs run by the same people on the same virtual computers but on different physical hardware which is on the same network.

      But I hope the Navy eventually does upend the way things have been going. The Navy and Marine Corps were operating in the technological dark ages back when I was in uniform. NMCI was (and still is) a joke.

      “Remember? If it doesn't enhance combat capability, we shouldn't do it. It might enhance report writing or audits but those are conveniences, not warfighting.”

      Unless we sidetrack into a cyber warfare tangent, this is entirely about logistics. It’s about being efficient in the Navy’s resources and those improvements being leveraged for future improvements.

      Delete
    3. "Contrast this with a multitude of different networks that have to be individually managed and patched."

      That's an issue of convenience, not security.

      Delete
    4. "That's an issue of convenience, not security."

      It can be both.

      The Navy has a sprawling landscape and multiple environments. When management fails (as the Navy now admits it has failed), then that management failure becomes a security failure.

      A unified structure makes it easier to manage.

      Delete
    5. "A unified structure makes it easier to manage."

      Potentially. However, if the Navy has failed to secure (to the extent possible) its current servers, why would we believe it will secure these new ones? Analogously, if the Navy has failed to provide proper maintenance for its ships (and it's explicitly admitted that) why would we think they'll take better care of new ships?

      The answer, in both cases, is likely that they won't. Therefore, it's quite likely that this system will be just as poorly managed as the other systems only with the added benefit (for the Chinese) of having all the data in one convenient location for the Chinese to hack.

      Delete
    6. "However, if the Navy has failed to secure (to the extent possible) its current servers, why would we believe it will secure these new ones? "

      If we accept the assumption that the Navy can't succeed no matter what it does, then we're fucked no matter what we do. One system or twenty, the Chinese will own us regardless of what we do.

      But we don't have to accept that assumption (I certainly don't). A unified, stable infrastructure will provide both increased security as well as convenience because it is easier to manage, offsetting the added risk of making AWS a bigger target for the Chinese than they already are (if that is even possible).

      Anyways, I am actually kinda surprised you think this is a bad idea, CNO, since this is right up your alley:

      The Navy has acknowledged it sucks at a non-combat job, and is moving more of that job over to the civilian sector (who can probably do it better and cheaper), freeing up Navy resources to focus on combat operations.

      Delete
    7. "kinda surprised you think this is a bad idea, CNO, since this is right up your alley:"

      1. I'm not saying it's a bad idea. I'm saying that the idea comes with a lot of dangers that the Navy hasn't even mentioned and has likely not considered. I'm also saying that the Navy had demonstrated an inability to secure other data systems so why would this be different. There's nothing inherently magical about Amazon servers. We're going to go from many unsecured data systems to one mammoth unsecured data system.

      2. I'm against ANY project, idea, or action that doesn't enhance combat capability and this one does very little to enhance combat capability.

      I think we've each laid out our positions and I have nothing more to offer on this. I'll leave you with the last word, if you wish to add something more. Thanks for the discussion and, by the way, I hope you're right and I'm wrong about the security issues!

      Delete
    8. 1) the navy won't be running the systems. That's the entire point of the contract. To get the navy out of the bulk day to day IT work for which they are under qualified and not competitive for. They will contract it out to a T1 cloud provider to run a private DOD cloud. That T1 cloud provider lives and breathes IT as their core business and are on the absolute cutting edge of security and vulnerability issues.

      2) this will take massive amounts of poorly managed individual networks and replace them with a single management point run by a professional company that literally does this as their core mission.

      Also, USB isn't at all secure. It is an entire computer sitting on that stick and they can and have regularly been hacked and trojaned. USB is inherently insecure. There is a reason that they epoxy any USB ports at anyplace that cares about security.

      Delete
    9. Hmm … The AWS power failure and lost data that just occurred is yet another example that the AWS is just a server - no better or worse than any other.

      Delete
  3. Hello, I'm enjoying your site. My Dad was an old blue water sailor during Was and served on the USS Utah (sunk at PH - he swam ashore and hunkered down in trench) as well as the USS Ralph Talbot (DD-390). He loved the Navy and it distressed him to see what he regarded as deterioration of standards.

    The 2003-2009 reiteration of the BattleStar Galactica TV series is a good example of what happens if all data is shared.

    ReplyDelete
    Replies
    1. Welcome and thanks for sharing your father's story.

      Yes, that show did illustrate the dangers in total connectivity and we seem determined to head down that path!

      Delete
  4. The 70's and 80's had the combat memo. The 90's had the combat email. Perhaps the cloud services will include a combat tweet app. If we connected to our ship properly we could have watch standers tweet their status.

    Lookout tweets, "Yep Skipper, I think you might be right. I did overlook that reef under us."

    Tell me that's not a useful combat utility.

    ReplyDelete
  5. So the Navy is forgoing redundancy for more "convenience," understandable from a business perspective. From a military perspective, it's a single point of failure...

    I expect, when it becomes operational, it will quickly be compromised. Not because it isn't sophisticated, but because statistically it will have flaws that will be discovered and exploited before we identify the and repair them.

    ComNavOps, in addition to data theft, what else can be done to this network to undermine our military-industrial capability?

    ReplyDelete
    Replies
    1. "in addition to data theft, what else can be done to this network to undermine our military-industrial capability?"

      I'm not an IT guy but I would think injecting false data into the system would be quite disruptive!

      Delete
    2. Exactly what I was thinking, we always think more in terms of shutting down a system thru hacking BUT what if China were to hack into the system and just mess with parts, ordering more than needed, not ordering needed parts,wrong shipping addresses etc,etc...wouldn't that be worse? You would completely lose confidence in the system and that loss of confidence could spread....

      How many months or YEARS could this go on before leadership realizes the system is compromised?

      Delete
    3. Or, altered specifications resulting in incorrect parts.

      Delete
    4. So Nico is saying the Chinese compromised the LCS and Zumwalt programs years ago ? ;-)

      Delete
    5. I think the public consensus is, yes, the Chinese have pretty much free access to everything we have or know. Consider the multitude of avenues available for acquiring information. The universities, where so much of our fundamental technology is developed is an open book to the hordes of Chinese 'students' attending them. Our patent system is an open book. Our scientific literature, reports, and papers are public knowledge. China has bought many of our technology companies and appropriated the tech. China requires companies doing business in China to share their tech info. And then there's the unending stream of public reports of Chinese hacking of our industrial and military networks and that's only the public reports. I'm sure there are many more serious cyber attacks that the military/govt doesn't report.

      So, add it up. Do you think there's the slightest chance the Chinese don't have all our information? For confirmation, all you have to do is look at all the cloned technology in their military programs. That's not coincidence, that's exact copying.

      Yes, they have everything.

      Delete
    6. Um, they are getting MORE redundancy, not less. Many of the existing DOD networks and systems have effectively zero redundancy currently. They will be transitioning to multiple datacenters that are fully redundant with full network, storage, and application level redundancy built in.

      It will be much more hardened to compromise than existing systems. Not only will it be run by a company that deal with thwarting compromise on a daily basis, it will be on systems that are actually updated and maintained in real time.

      Its not like this is some pie in the sky thing. This is an outgrowth of the same style of deployment within the intelligence community that has been very successful and running for years now. Everyone here does realize that the intelligence community has been running off a private cloud managed by AWS for years now right?

      Delete
  6. Another possible avenue in hacking, I remember an article a few ago about US military finding parts that weren't OEM or from real spare part manufacturers, they were black market fake parts, just like fake Rolexs, fake smartphones or fake whatever China produces....why couldn't a country like China not just hack into the system and mess with parts needed AND introduce into the system fake parts?!?

    Wow, now you're really messing with confidence of the system...so not only the mechanic doesn't trust the system, ordering the parts needed or not, bad deliveries or absence of parts really needed now installing fake parts so the pilots now are left to wonder about their jets...this is super cheap and easy way to sap moral and fighting edge.

    ReplyDelete
    Replies
    1. Cause people would notice rather quickly since all the hardware orders will be shared with the much larger public cloud run and managed by the same company that has 10s of thousands of security researchers constantly trying to break into it and monitoring it for anything out of bounds.

      If you care about security at this point. Having a T1 cloud provider run things is about as secure as you can get. What's the holy grail for hackers these days? It is FB, Amazon, Google, and Microsoft's cloud infrastructure. AWS has more security research eyes on it than any other system in the world.

      Delete
    2. I am nervous about ALIS in the cloud. I'm also nervous about ALIS period.

      To have a system that does vital things regarding mission planning and execution for 2000+ F-35s vulnerable to interference is a frightening though.

      As you know risk management is all about the frequency of the risk being undertaken x the consequences of the risk happening.

      I agree that the Tier 1 cloud providers are the best you can get so the likelyhood of a breach is relatively small, but the consequences of a single breach that then possibly introduces a trojan are staggering.

      Delete
    3. Um? There is no effective difference between hosting ALIS on the proposed DOD cloud and doing it on a dedicated system/network from a vulnerability perspective except that the cloud based system likely will have more competent IT.

      Remember, none of this has anything to do with a public cloud. This whole infrastructure will only be accessible via DOD networks and won't be connected to the larger internet in any way.

      The whole point of having a Tier 1 cloud management infrastructure is they are already intimately aware of isolation of systems required. Part of there whole business pitch is that they can provide nearly infinite resources that are also effectively isolated from any other system running in the same rack/row/DC.

      Delete
    4. "This whole infrastructure will only be accessible via DOD networks and won't be connected to the larger internet in any way."

      Maybe not by design but there are a thousand points of contact. You'll recall the example of the US injected virus into the Iranian centrifuge software, supposedly via a printer? There's ALWAYS points of access.

      Your faith in this system is staggeringly impressive. Of course, the history of data breaches on all kinds of massively isolated and protected systems is also staggeringly depressing. You seem to think that none of the other dozens of data breaches of major companies with the best IT people protecting them were real? Or, do you think that only Amazon has good IT people? The Chinese have hacked many major defense industry companies with highly isolated and protected data systems. How do you explain that?

      I'm sorry but history says that you're 100% dead wrong. Amazon server systems offer nothing that dozens of other companies that were hacked didn't have.

      Delete
    5. If there is a connection point, it won't be within the private cloud and will be on another DOD network and therefore would exist regardless. The private cloud will be designed and monitored from the ground up to a level that none of the existing networks are.

      I think that companies who's primary business is networks and computer access that have a demonstrated track record tends to be better than companies who's IT divisions tend to be the whipping group.

      How do I explain how defense contractors with bad security practices have been hacked? Almost all these cases are a result of horrid IT practices and zero security reviews with threat models that haven't been valid for decades. AWS, Azure, and GCP are not defense contractors. Their entire business is dependent on their computer systems and networks. They do continuous security reviews and intrusion testing (both digital and physical).

      Pretty much every major hack that has occurred both within defense and without is due to horrid security practices. They are not at all comparable with what GCP/Azure/AWS do/provide. The number of breaches that have occurred on systems following proper security practices is minuscule and minor (they get detected almost immediately and/or honey potted).

      So yes, AWS does have something that dozens of other companies that were hacked didn't have: competent IT and security people, systems, procedures and policies.

      Delete
    6. Really? No other company in the world that has been hacked had good people and good practices? Only Amazon has the good stuff?

      Are you actually aware of the seemingly endless list of major companies that have been compromised? Many of them are financial institutions with the highest level of data security possible. I think you're seeing what you want to see, here.

      Delete
    7. Do you actually work in the industry and go over the breakdowns of how the hacks occurred?

      And no, most places are in the dark ages wrt security. A perfect example is Equifax. They were hacked because of basically gross incompetence. gross incompetence is at the root of most actual data exploits. Equifax is a major financial company who's business should be 90% security for their data. They failed miserably. They should be non-existent at this point for the levels of gross negligence they displayed in computer security. Financial companies are some of the worst because they don't in general view IT as part of their business but a an impediment to it.

      For most companies, IT is at best an after thought and security is the lowest man on that list.

      Almost all hacks/data exploits happen well after things should of been patched or are the result of gross incompetence in policies/configurations and a complete lack of security review and intrusion testing.

      I think your view of the quality of IT/Security practices is far too generous to the majority of the companies out there. One of the major reasons that cloud has seen such large scale growth is people knowing that AWS/Azure/GCP offer a much better base level of management and security than they could do internally. It allows them to only worry about the security of their application instead of for everything including the network.

      Delete
    8. Yes, actually, I worked for many years in industrial computing and am intimately familiar with networks, data storage, and IT groups. The vast majority of IT groups I've encountered and worked with were highly skilled, professional, and employed state of the art methods and protections. Despite this, breaches still happen. To believe Amazon is magically immune is just wishful thinking.

      Here's a link to a reported Amazon data breach from Nov 2018, Amazon Data Breach

      and, Amazon S3 Breaches

      Capital One, who uses Amazon AWS, recently suffered a major data breach with the two companies blaming each other.

      And, here's a report about Amazon AWS data breaches in 2017. 2017 AWS Data Breaches These cases are attributed to various causes and illustrate that there is nothing magic about AWS data systems. They're as good or bad as the company using them wants to make them. Given the Navy's less than stellar record, there is no reason to believe that the Navy's AWS system will be any better secured than any of their other systems.

      Delete
    9. "I think your view of the quality of IT/Security practices is far too generous to the majority of the companies out there. One of the major reasons that cloud has seen such large scale growth is people knowing that AWS/Azure/GCP offer a much better base level of management and security than they could do internally. It allows them to only worry about the security of their application instead of for everything including the network."

      I agree with you about financial institutions. In general IT doesn't get the right priorities.

      But I disagree somewhat about only having to worry about the application if you're in a private AWS cloud. You still have all the user network and all those potential avenues of attack to worry about, not just the application.

      I do agree that AWS is likely to be the least of your problems.

      Delete
    10. The first wasn't a hack. It was bad software deployed by Amazon (not AWS).

      Everything else isn't Amazon AWS, they are gross incompetence in configuring an S3 bucket. Capital One was also gross incompetence of Capital One, and not an AWS breach: https://krebsonsecurity.com/2019/08/what-we-can-learn-from-the-capital-one-hack/

      Literally, nothing you have provided shows any issues with AWS. They are all people basically making their data publicly accessible as a configuration option. AKA gross incompetence.

      My experience with IT across multiple companies of various scale from local to ultra global is that most IT groups are just about useless and security is at best a tertiary issue for them and if they have security practices at all, they are almost always bad practices. Simple examples are things like requiring password expiration (one of the worst security practices possible) and not having a full time red team AND hiring additional outside red teams routinely.

      Delete
    11. You're sounding like a true believer. That being the case, there is, literally, nothing that could persuade otherwise! It's kind of like Hillary supporters. Despite scandal after scandal, her supporters excuse away every incident.

      Well, since you choose to ignore the evidence, there's nothing more to say. I'll leave you with the last word, if you wish. By the way, I really hope you're right and I'm wrong but history is screaming that isn't so! We'll see ...

      Delete
    12. "You're sounding like a true believer."
      Heh, if I communicated with him across your domaine Skipper, I'd have to ask who in Tyson's Corner does he work for. But that's outside my pay grade. As for the Cloud, starting off, that was a way for them to monetize the higher-bandwidth WWW as it grew. And like everything else in these businesses, they attempt to "Fake It Til They Make It". They string us along with buzzwords as they mop up cash. They go in and out of business handing it off to whomever they contracted the storage of your data to. Study the contracts if you're doing a deal for your small business. They subcontract storage space all over Europe and Asia. Some of your data with this one, some with another. Some of the small clouds around New England as recently as five years back didn't even have storage, they had their own contracted cloud that they dumped your stuff into after you signed. All it takes is for one of the providers to that cloud your stuff is tied up with to go under and that group of your data is gone. I was astounded to see how many of my phone customers in DC and up here took up Cloud storage and a couple of them, lost EVERYTHING, a mortgage company compromised thousands of customers' info and was sued out of existence. For what, to save a few hundred thousand a year in a company doing a billion or even $500,000,000? I ain't risking it, but then there are the bean counters EVERY engineer has to deal with. Anyone that doesn't keep a good IT guy on staff that speaks English and has clearances and provide the infrastructure, on-site storage and logistical support (meaning: money) to protect their data is nuts. Opening your data up to the Cloud is also allowing Hillary to look up your skirts at night.

      Hey Skipper, ever duke it out with a Bean Counter? The 737MAX was brought to us by bean counters over the objections of the engineers. All such failures are. But the Fake It Til You make It crowd, these start-up outfits, don't they just have the most ADORABLE buzz-words? The Dot.Bomb was built on buzzwords. Great topic, skip. Sometimes I need a shower just thinking of the customers I used to do business with, now that I know. Theranos, AOL, Time-Warner, massive, thieving entities that cost millions their retirements. Fake it til you make it.

      Delete
    13. The major problem I've seen in industry, that ties in with you comment, is that our market system is focused on short term profits instead of long term profitability and sustainability. Shareholders demand quarterly profits, not decades profits. Thus, the CEOs and corporate leaders are forced to act in the best interest of short term profits which is rarely in the best interest of long term financial health. Unsurprisingly, this leads to a lot of unwise short term thinking and planning. No CEO could survive long by sacrificing short term profits for long term stability.

      I remember one company (Fortune 50? or so) I worked at that was looking at a down quarter and issued a memo asking all employees to reduce their use of pencils for the quarter as part of the quarterly profit effort. Tough to get support for long term efforts in that kind of climate!

      Delete
    14. Not that tough if you can demonstrate both the short term and long term value add.

      I worked for Citrix as Director of WorldWide Production Services (internal business computing including using early versions of our products in production) and Telecom for a while. Part of that job was supporting the national sales team selling Citrix solutions to Russell 2000 C-Suite and VPs of IT. It was particularly interesting looking at financial institutions. I'm not quite as negative about security as some, because in general there has been a lot of work done in the last ten years to improve things. That said, small companies can have some of the worst problems because they simply don't have the bench strength, but they are also low value targets so the risk matrix is better.

      For something like the Navy, I would prefer to see more compartmentalization so an exploit doesn't risk access to everything. That goes quadruple for Alis which appears to be a horror show that is just begging to get worse.

      Delete
    15. In the latest example, Amazon Web Services was again hacked and taken down on or about 25-Nov-2020. Here's a link: AWS Hack

      Delete
  7. FYI -- Amazon AWS service went down on Aug. 31, 2019, with the resulting loss of customer data. Author/programmer Andy Hunt said "Reminder: The cloud is just a computer in Reston with a bad power supply." This wasn't a hack, but our adversaries could similarly disrupt service and destroy data.

    https://acquisitiontalk.com/2019/09/whats-the-rush-with-the-jedi-defense-cloud-contract/

    ReplyDelete

Comments will be moderated for posts older than 7 days in order to reduce spam.