Diary

Marine One's information stolen - is yours at risk?

If you haven’t heard already, there are reports that information on the VH-3D or the VH-60N helicopters operated by Marine Helicopter Squadron One have been found on the internet. The reason for the fuss is that these helicopters are more usually knows as Marine One when carrying the President of the United States, just as the Boeing VC-25 aircraft is known better as Air Force One.

According the CEO of Tiversa, a company that specializes in Person-to-Person filesharing networks, “a file containing entire blueprints and avionics package for Marine One” was found at an IP address located in Tehran. How did the file get out?

It seems that a computer system belonging to a defense contractor also had a File Sharing Program running on one of its computers, likely placed their by an employee who didn’t realize the dangers of running such a program. It serves as a fitting reminder for us all on the ease by which our information can be stolen.

Many methods of information access can’t be controlled by us, since we aren’t in charge of electronic security at our bank or other companies that hold our information. We’ve all heard the reports of loose laptops and files over the years, causing embarrassment and fear for customers whose data was put at risk by professionals who should have known better.

However, you do have control over some possible weaknesses in your electronic security. Here are some minor reminders.

First, be careful on open wireless networks. They are at places like airports and Starbucks, and I’ve found such networks to be very useful. But everything your computer sends can be snooped on. Usernames, passwords, and anything else you see on a webpage can be seen by the middle-man between you and the interwebs.

Second, be careful with your home wireless, if you have it. If your home network is open, and your computers aren’t secured against inter-network access, then your files could be at risk (more info here). Another vital concern is if someone else uses your network to mask their own file-sharing or hacking activities – your home becomes the originating address for these attacks, and the address to which the authorities will show up. That’s not to say that you should never open your own network, but do so with knowledge of the potential consequences.

Third, be careful with your passwords, especially those for institutions with sensitive information. Companies often suggest random strings like g8ds9ke or d7e9j2nk3 as passwords, and since many people don’t feel up to remembering random strings of characters, they swing the other way and use the same password everywhere, or easily guessed and very common passwords.

Fourth, be careful in campaign offices. Political information is power, and campaigns must balance data availability with data security – don’t do anything dumb to let an entire database get out.

Fifth, be careful with attachments. Files that are .exe are always bad – they are Windows programs and not pictures. You should also be on the look our for phishing, which is an attempt by a third party to get your information by claiming to be an institution you share data with. (Hilarious example here.)

Last, use common sense. The internet is a powerful tool, and allows us to share information and knowledge easily and quickly – just make sure you know what you are making available, and you’ll save yourself many headaches in the future. And if you want to keep anything truly safe, a pad and paper is still the best way to go.