02:43 PM
Connect Directly

Fidelis Snags Anti-WikiLeaks Contracts

Security vendor is working with several federal agencies to prevent classified information on the Web from reaching unclassified government networks.

The federal government is working with a security company to help block Wikileaks and other classified content from being accessed by unclassified government networks.

Boston-based Fidelis Security Systems, which among other things makes security software to prevent data breaches, said it's working with several federal agencies to prevent employees from being able to access confidential U.S. documents that are leaked to the Internet.

"That information is classified and the fact that it's in the public domain does not declassify it," said Kurt Bertone, Fidelis' vice president and security strategist. He said he was not permitted to name the agencies that are asking for the technology.

Fidelis has been working with the federal government since 2005 to prevent data breaches and provide other security solutions.

However, in the wake of a data breach known as Cablegate, in which 250,000 confidential diplomatic cables were published on Wikileaks and other websites, federal agencies have refocused some of their work with the firm, he said. Now they are using Fidelis software to keep classified information that reaches the Web from traveling back onto government networks that aren't authorized for classified data.

In a controversial move, the Air Force already has taken similar action by preventing its personnel from accessing the global news agencies -- including the New York Times, the United Kingdom's Guardian and France's Le Monde -- that published the Wikileaks cables.

However, Bertone said this kind of measure doesn't solve the entire problem for a couple of reasons. One, it blocks access to unclassified information that doesn't need to be filtered; and two, it doesn't prevent access to classified information that may be present on other websites.

Fidelis' technology, called deep session inspection, sets policies that search data for keywords and other identifiers to separate classified information from nonclassified information, he said.

"Basically we look at the content and make a content-based decision," Bertone said. He added that there are keywords and certain character sequences in the confidential data posted on the Wikileaks site that makes it identifiable with a high rate of accuracy.

Once the technology is in place, it's up to the agency whether they want to block someone's access to the classified information, or merely send an alert to the user and to network administrators that the information is being accessed.

While the focus of the current project is on Wikileaks content, ostensibly the company's work with the feds is to prevent any classified content from traveling on unclassified networks, Bertone said.

"The general problem is classified information -- not just Wikileaks, not just cables, but any classified information that leaks out in the public domain and goes flying all over the place," he said.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2014-10-30
Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors.

Published: 2014-10-29
The Internet Service Monitor (ISM) agent in IBM Tivoli Composite Application Manager (ITCAM) for Transactions 7.1 and 7.2 before IF28, 7.3 before IF30, and 7.4 before IF18 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof s...

Published: 2014-10-29
Buffer overflow in the date_from_ISO8601 function in the mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) via (1) a crafted first argument t...

Published: 2014-10-29
Integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an argument to the unserialize function ...

Published: 2014-10-29
The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly exec...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.