18 November 2018

Intelligence Advanced Research Projects Activity (IARPA) Seeking New Technology/Techniques To Protect Future U.S. Sensitive Compartmented Information Facilities (SCIFs) From Foreign Surveillance/Trusted Insiders — But, Is A Whole New Approach To How We Protect Our Most Precious Secrets… Needed?

FedScoop posted a November 6, 2018 article to their website, by Carten Cordell, with the title above. He notes that “due to increasing eavesdropping and [sophisticated] surveillance [techniques] tactics from foreign adversaries, the Intelligence Advanced Research Projects Activity (IARPA) is reaching out to industry for new solutions to safeguard the [U.S.] Government’s [most] sensitive meeting sites.”

IARPA issued a Request For Information (RFI), “seeking innovative methods for securing Sensitive Compartmented Information Facilities (SCIFs), from a variety of [foreign] spying operations.” As an Intelligence Community veteran with a 33-year career, I can assure you that SCIFs are the most protected and secure facilities in the national security orbit; and, they are where most of our most sensitive/critical secrets are stored/held. “IARPA officials are calling for information on how to prevent surveillance attacks utilizing radio frequency, optical, magnetic, or acoustic transmissions from intercepting communications within SCIFs,” Mr. Cordell reported.

“Our adversaries continue to develop advanced tools and methods to enable technical surveillance attacks against sensitive U.S. facilities and personnel,” the RFI said. “These attacks are increasingly sophisticated; and, may exploit a variety of different sensors and data exfiltration paths. It is imperative that we are able to detect the operation and location of any adversarial sensors, whether concealed, or hidden in plain sight; and, eliminate all possible transmission paths for exfiltration of data.”

“Because future SCIFs could include wireless sensors and Internet-of-Things (IoT) [Internet-of-Threats] enabled mobile devices, agency officials want to target strategies to prevent adversaries from siphoning data from those devices, as well as blocking cyber attacks on technology within the facility.” “In the future, we may explore the authorized operation of wireless networks — in, or near sensitive areas; it is imperative we develop appropriate technologies and methods to both secure these networks, and prevent them from being exploited,” the RFI said. “Therefore, we strongly seek advanced concepts for securing wireless networks at the physical layer — in addition to encryption used at the logic and application layers.”

Mr. Cordell adds that “IARPA officials are asking for solutions that can both shield signal-producing devices from data exfiltration; but, also ones that can detect listening devices on personnel, or in their personal effects when entering a SCIF. Industry officials are asked to provide their approaches to securing radio frequencies coming both into and out of SCIFs, safeguarding the facilities’ wireless networks and surrounding areas from eavesdropping, developing detection capabilities to protect against surveillance technology [clandestinely] brought into secure sites.”

“Those interested have until December 31, 2018 to respond/submit a proposal,” the RFI noted.

The late bank robber Willie Sutton, when asked why he robbed banks, famously replied: “Because that’s where the money is.” To a great extent, SCIFs are where the really sensitive information and discussions occur. So, it is no surprise that the adversary places a high priority on penetrating or compromising these facilities. But, as we saw with former NSA contractor and U.S. fugitive Edward Snowden, the Insider Threat is potentially the most dangerous, and damaging.

I do wonder about allowing IoT wireless devices to be accessed from within these facilities; but, perhaps we’ll load them with honeypots and clever, sophisticated, but corrupt data and Trojan Horses. Making penetrating the SCIF a ‘wilderness of mirrors,’/maze of dead-ends, or digital ‘tar-pits’ is not a bad idea — if it can be done.

I also wonder about the utility of the SCIF itself in the 21st century. The SCIF has been around for over 50 years. Is it time for a paradigm shift? Perhaps IARPA should have a dual-track strategy here of enhancing the security of the U.S. Government’s SCIFs for a 21st century threat; but, also establish a Red Team, or solicit ideas for a whole new concept of how we protect our most precious secrets. Perhaps we should disguise our SCIFs; and, have contaminated or false/deception SCIFs that lure in the adversary or Trusted Insider — so that they are ‘fed’ the data we want them to see, and maybe even tag their bots and malware so that not only do they get bad or corrupted data — but, we get a ‘gift that keeps on giving.’

I do not know what I do not know here; nor how practical, or not, some of these ideas/thoughts are. But, it would be useful to Red Team, or examine a whole new ‘architecture’ with respect to SCIFs, and highly compartmented information.
