Magazine article Information Management

P2P: New National Security Risk?

Magazine article Information Management

P2P: New National Security Risk?

Article excerpt

Experts say peer-to-peer (P2P) networks, which facilitate file sharing between computers, are now a major threat to personal and national security.

While testifying before the U.S. House of Representatives Oversight and Government Reform Committee in July, Robert Boback, CEO of P2P monitoring service vendor Tiversa, and retired U.S. Army General Wesley Clark, a Tiversa board member, said the company found more than 200 sensitive U.S. government documents during a recent scan of three popular P2P networks.

Among the files that had been shared: physical threat assessments for several U.S. cities; a physical security attack assessment for a U.S. Air Force base; a detailed report from a government contractor on how to connect two secure Department of Defense (DoD) networks; and a document titled, "NSA (National Security Agency) Security Handbook."

According to webopedia, users who have installed a P2P client can connect to the Internet and log into a central indexing server, which has indexed the flies of all users who are currently connected to it. Users can query the indexing server to find specific flies on any of the connected computers and to attempt to connect with the computer hosting the desired file. Once connected, the user can download the file; when the download is completed, the connection with the other computer is broken.

P2P software does contain default security settings to protect specified files, but they can be easily overridden.

"This is the new threat to Homeland Security," Boback told the committee. "We found thousands of corporate cases--from banking statements, server passwords, financial data, public company data, human resources, medical records and Fortune 500 company minutes on compliance."

"If everyone knew the scope of the risk of P2P networks, America would be outraged and demand solutions," Clark added. He suggested government regulation and mandatory defensive active monitoring programs, especially for sensitive government documents.

In a sample scan run in July, Tiversa found a U.S. defense contractor employee sharing 1,900 files, including 534 sensitive files, from what was apparently a home computer. The contractor, an IT expert, worked with 34 U. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.