This may be a CIA vs Military Intel issue:
President Donald Trump is reportedly fixated with Amazon and its founder and CEO, Jeff Bezos, and is intent on causing the company financial distress.
Among options thought to be considered by the US President is a potential attempt to stop a major Pentagon cloud contract, worth up to $10bn over 10 years, from going to Amazon Web Services, the e-commerce giant’s cloud computing division.
Trump is a machine, all about winning. Bezos is a pain in the ass, but my bet is Trump has hired and promoted a lot of pains in the ass simply because they were cost-effective and produced results. If this deal was going to be cost effective, my guess is it would happen without a hitch. But Trump seems to want to stop it.
We can assume that the CIA is penetrated all throughout any large cloud computing operation, because it gives them unfettered access to data. I have not seen what information the Pentagon will be storing with Amazon, but it is easy to imagine base security camera footage being uploaded and backed up there, soldier’s files and background checks, fund allocations, asset deployment in the form of inventories, as well as other data which could facilitate a covert facility entry, or recruitment of an asset, or betray some military operation. The bottom line is you never know how one seemingly harmless piece of data can be extrapolated out to something sensitive which will give an enemy an advantage.
The UpGuard Cyber Risk Team can now disclose that three publicly downloadable cloud-based storage servers exposed a massive amount of data collected in apparent Department of Defense intelligence-gathering operations. The repositories appear to contain billions of public internet posts and news commentary scraped from the writings of many individuals from a broad array of countries, including the United States, by CENTCOM and PACOM, two Pentagon unified combatant commands charged with US military operations across the Middle East, Asia, and the South Pacific.
One of the few things which promotes freedom and the adherence to rules is checks and balances, in the form of multiple agencies or organizations all forced to abide by rules out of fear that rule breaking could be a weakness in their fights with other entities. If Amazon ends up holding all of the Military’s data, that could allow the CIA a huge advantage over military intel. That could be bad for the cause of freedom, if the CIA ever ends up run by someone who tries to extend operational hegemony over the entire US government.
I do not see why the Military couldn’t build up in house anything Amazon has to offer, and do it for the same cost or better – and in the process retain its own data outside of the purview of all enemies, both foreign and potentially domestic. Trump may be viewing this in that sense, and that is why I would think the Amazon contract is anything but a sure deal.
Interestingly, the Pentagon already scaled back a deal with a front for Amazon which provided cloud services, after complaints about the deal being set up murkily began to surface. These days it is impossible to know what happened, there. The contract could have been set up by a CIA asset to penetrate the Pentagon and it was rolled back when exposed, or it was legit and the Pentagon saw security risks and scaled back, or lobbyists for competitors could have flexed muscle.
Personally, I can’t see reliance on the private sector as anything but a vulnerability in this modern world, where even other government agencies seem bent on subverting everything within their domain. If the Pentagon has secrets to keep, it should be keeping them all to itself.
Fortunately, these are Trump’s problems, and we know whatever the best answer is, he will make it happen.
Tell others about r/K Theory, because everything is intelligence
Not everyone in CIA is bad, and Don Pompeo just used a mop to clean up. The cloud isn’t the answer though, and compartmentalization is pretty much SOP now. Reducing division is a bad thing.
The problem is all of the classified defense logistics stuff that will be put on the cloud and potentially exposed. Logistics can win or lose wars, a good example is the German experience in the USSR during WWII. Having the world’s best tanks doesn’t mean jack when they won’t run. Ditto with F-22’s.
And the CIA should know better, especially after the OPM breach. They had people under diplomatic credentials who WEREN’T in the OPM database. All a foreign adversary (the Dragon) had to do was see who was on the OPM list and who wasn’t- then they could figure out who all the spies were (key word: were). You try picking up the pieces of that. And that doesn’t include all of the sensitive info contained in the OPM data. The key thing here is to LEARN not to do obviously stupid stuff. The Amazon thing is obviously stupid.
“I do not see why the Military couldn’t build up in house anything Amazon has to offer, and do it for the same cost or better…”
I only spent four years in the military, but they don’t excel in the area of cost efficiency.
AWS isn’t so much about storage as it is processing. AWS is tons of processor farms that essentially form an “on demand” supercomputer. I think that is more likely what the Pentagon wanted — a rentable supercomputer.
Given that the first supercomputer use for the military that comes to mind is encryption cracking, all of what you wrote above still applies. Just knowing what the military is trying to crack (even if you never see which particular files or output is involved) would be a huge advantage for competitors, foreign and domestic.
I’ll have to second what onezeno said. The procurement system of the military is hopelessly broken. If you need an example, just look at the F-35 program.
I was going to post the same as onezeno and Michael said but none the less I approve of the military having it’s own servers and data storage. O matter the cost. The tools for this are being built right now. With a little work they could have a robust system that is secure and and almost impossible to take down. The key would be the IPFS.
https://en.wikipedia.org/wiki/InterPlanetary_File_System
It makes a whole network like a disk drive where the data is stored all throughout the network. Each base could have a hardened data bunker where the storage and computing are done and the network and data could be spread all throughout all the bases. To keep the data safe all of it would be encrypted always. It’s only unencrypted when someone with the right access and the right keys downloads it and it’s unencrypted at their computer. So even of one base is destroyed the same base could, if they can get a internet signal, still use their own data backed up elsewhere. It’s actually the whole reason the internet was invented. They also need new operating systems. They need to go to something like “plan 9”.
https://en.wikipedia.org/wiki/Plan_9_from_Bell_Labs
“plan 9” was built by a bunch of the original guys who did LOTS of work on Unix which is what the internet mostly runs on. “plan 9” also has a great deal of the functions of IPFS already built in. They took the errors of UNIX and repaired them while throwing out a lot of crud. They also made it where every service is nothing but a file that’s written to and read, vastly simplifying the whole system. It was also based on the whole thing being networked from the beginning where resources were scattered in many places. It never really caught on. All the other OS’s have had so much work done on them it never really had a chance when Bell Labs was broken up. If Bell had not been broken up we might be using it today.
“The bottom line is you never know how one seemingly harmless piece of data can be extrapolated out to something sensitive which will give an enemy an advantage.”
A few decades ago, working (as an editor) with a secret clearance on a (govt) project, one of the specific directions provided to those few of us on the project with that clearance level was that we were not to allow the name of an earlier project to appear on the same page as some other earlier project because there was to be a … separation … kept even between mentions of the two. That, despite NOT being related or connected in any way, merely appearing near each other could …’draw a connection’ … that was not to be drawn.
I thought that was quite interesting — and a bit silly — but quite unlikely that folks in the know LOOKING to draw programmatic connections would no doubt have already thought of that (early human data mining?) possible connection. Ah, they were more innocent times — or more careless ones!