Risk
10/18/2012
01:48 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

After Benghazi, State Dept. Seeks Diplomat Tracking Technologies

Following deadly attacks on diplomatic facilities in Libya, the Department of State wants new technology to track employees working in the field.

14 Amazing DARPA Technologies On Tap
14 Amazing DARPA Technologies On Tap
(click image for larger view and for slideshow)
As the Department of State continues to scramble to improve diplomatic security in the wake of the recent deadly attack on U.S. diplomatic missions in Benghazi, Libya, and other violent attacks elsewhere, the agency has started a search for a new system to track its diplomats outside American embassies.

In procurement documents released this week, the Department of State says that it is looking for a contractor to build a system to track diplomats via signals from their mobile devices, including satellite phones and traditional cellular phones.

The procurement is a bid to increase security for American diplomats. It comes at a time when the Department of State is under heavy scrutiny for its ability to keep diplomatic employees safe abroad after an attack September 11 on diplomatic compounds in Benghazi, Libya, killed four--including U.S. ambassador to Libya Christopher Stevens--and wounded nine others.

While the system may be used in the United States, its primary use will be to protect State Department employees when they are outside American embassies on diplomatic missions. "The protection of government personnel traveling from the protected mission facility to their foreign counterpart's office is of paramount importance in the execution of U.S. foreign policy," the agency said in its procurement documents.

[ Cyberespionage is a growing concern. See 7 MiniFlame Facts: How Much Espionage Malware Lurks? ]

The technology will be operated out of the Department of State's Office of Security Technology of the Bureau of Diplomatic Security, the security arm of the Department of State. According to the acquisition documents, the new system will replace an outdated, nine-year-old system. The agency has already implemented a similar system from Thermopylae Sciences and Technology for diplomatic staff in Pakistan, Iraq, Afghanistan, and Yemen, though that system relies on transmitters attached to vehicles and individuals.

The system will include a Web interface that will allow the State Department to view live and historical tracking data, and will also serve data to visual mapping applications like Google Earth, ESRI software, and FalconView. It will be able to create a virtual "geofence" that can alert an administrator and the diplomat him or herself as the device enters and exits certain predefined areas. For some devices, the system will also show the State Department how fast the diplomatic employee is traveling and in what direction.

In the event of an emergency, the personnel tracker will be able to accept emergency messages from diplomats, send them emails, and activate device microphones to communicate with State Department employees.

In terms of nuts and bolts, the system will rely partially on Oracle Database 11g and Oracle Advanced Security. It will include a production server, a test server, and a backup server, and the Department of State is looking for the contractor to provide a number of maintenance and management services on top of the tracking hardware and software.

Due to the sensitivity of the data, the agency is only looking for contractors with Top Secret clearances, and anyone who works on the system will be required to have such clearance. Since the system is critical, the agency is looking for 99.9% uptime and a system that is highly secure and will meet security certification and accreditation requirements.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
J. Nicholas Hoover
50%
50%
J. Nicholas Hoover,
User Rank: Apprentice
10/19/2012 | 1:21:46 PM
re: After Benghazi, State Dept. Seeks Diplomat Tracking Technologies
I agree that this has probably been in the works for months, if not years, and isn't a reaction to Benghazi. However, given that the release of the solicitation coincides with the problems with embassy security overseas, I believe it is important to mention those problems as part of the story.
jcasciano201
50%
50%
jcasciano201,
User Rank: Apprentice
10/19/2012 | 12:49:25 PM
re: After Benghazi, State Dept. Seeks Diplomat Tracking Technologies
Anyone familiar with government contracting has to know that this RFP has probably been in the works for months, if not years, and not a reaction to the Benghazi tragedy.
jries921
50%
50%
jries921,
User Rank: Apprentice
10/18/2012 | 10:21:38 PM
re: After Benghazi, State Dept. Seeks Diplomat Tracking Technologies
The main problem with this is... that if the State Department can track the location of their employees in real time, assassins and kidnappers can potentially do the same (ie. this may do more harm than good).
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-2413
Published: 2014-10-20
Cross-site scripting (XSS) vulnerability in the ja_purity template for Joomla! 1.5.26 and earlier allows remote attackers to inject arbitrary web script or HTML via the Mod* cookie parameter to html/modules.php.

CVE-2012-5244
Published: 2014-10-20
Multiple SQL injection vulnerabilities in Banana Dance B.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) return, (2) display, (3) table, or (4) search parameter to functions/suggest.php; (5) the id parameter to functions/widgets.php, (6) the category parameter to...

CVE-2012-5694
Published: 2014-10-20
Multiple SQL injection vulnerabilities in Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 allow remote attackers to execute arbitrary SQL commands via the (1) agentPhNo, (2) controlPhNo, (3) agentURLPath, (4) agentControlKey, or (5) platformDD1 parameter to frameworkgui/attach2Agents.p...

CVE-2012-5695
Published: 2014-10-20
Multiple cross-site request forgery (CSRF) vulnerabilities in Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 through 0.1.4 allow remote attackers to hijack the authentication of administrators for requests that conduct (1) shell metacharacter or (2) SQL injection attacks or (3) send an SMS m...

CVE-2012-5696
Published: 2014-10-20
Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 does not properly restrict access to frameworkgui/config, which allows remote attackers to obtain the plaintext database password via a direct request.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.