NSA files left exposed on server contained secret intelligence information

29 Nov 2017

Secret information within the files was publicly available. Image: sashk0/Shutterstock

More security slip-ups at the US National Security Agency.

The US National Security Agency (NSA) is in the spotlight again as a virtual disk image belonging to the government body was left exposed on an unlisted but public Amazon Web Services Storage server, according to a report from ZDNet.

The exposed server contains more than 100Gb of data belonging to an army intelligence project with the codename ‘Red Disk’. It was left without a password available for anyone to download its contents.

Chris Vickery of UpGuard located the data and informed the government in October, and the server was secured soon after. Its owner remains anonymous, but the information therein belongs to the US army’s Intelligence and Security Command (INSCOM), a division of both the NSA and the army.

What was Red Disk?

According to reports, the disk image contains a snapshot of a hard drive dating back to May 2013, from a Linux-based server that is an element of Red Disk, a cloud-based intelligence-sharing platform. This platform was apparently meant to complement the US military’s existing plans for examining and sharing intelligence, surveillance and other classified information.

In 2014, Associated Press reported that the network was slow, hard to use and prone to crashing – not ideal for something that was meant to be used to provide information between the Pentagon and deployed soldiers in conflict areas.

Files from Red Disk also included other classified information on the US military targeting terror suspects with weapons and security keys that would give users access to servers used by a number of US intelligence agencies.

Top secret NSA files at risk

According to Engadget: “The largest downloadable file contained a virtual hard drive, which appeared to be used for receiving, transmitting and handling classified data, with files within it marked as ‘Top Secret’ and ‘NOFORN’ – a classification meaning that no foreign nationals can view the documents, regardless of what clearance level they hold.”

This follows UpGuard’s previous discovery of a separate batch of US military intelligence gathering data on widely available social media posts from monitored individuals. Although the data left unsecured may not always be top secret, on principle it’s clear that more monitoring of security processes is needed from these major bodies.

Vickery concluded with some hard questions: “What are we doing wrong when ‘top secret’ data is literally two mouse clicks away from worldwide exposure? How did we get here, and how do we find a way out?”

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects