Risk
7/27/2010
10:47 AM
50%
50%

DoD Report Details Illicit Content Probe

An Inspector General report reveals that Pentagon employees and contractors were investigated, and some prosecuted, as part of an Immigration and Customs Enforcement probe into child pornography.

A Department of Defense investigation has identified a number of DoD workers and contractors who used government computers and networks to access child pornography.

The DoD Inspector General on July 23 released a 94-page report detailing the results of an investigation that dates back several years. Some of the cases were prosecuted, while others were dropped due to lack of evidence. The Boston Globe first reported details of the investigation.

The report describes the activities of several dozen federal workers and contractors, many of whom are not identified, that range from purchasing subscriptions to child porn Web sites to downloading images on workplace computers.

Many of the cases described in the report are the result of an Immigration and Customs Enforcement investigation called Operation Flicker, which identified some 5,000 people who allegedly subscribed to child porn Web sites operated overseas, according to the Inspector General report. Operation Flicker was launched in 2006, and many of the examples detailed in the report occurred in 2007 and 2008.

Both employees of and contractors for various defense agencies, including the National Security Agency, the National Reconnaissance Office, and the Defense Advanced Research Projects Agency, were investigated in the probe.

In one case, a DoD contractor admitted to subscribing to child porn sites, according to the report.

In another case, Christopher Stokes, an employee of National Defense University, was charged with purchasing child porn online and having pornographic material on his computer. In U.S. District Court, Stokes pleaded guilty to possessing child pornography and was sentenced in October 2008 to 60 months in prison and $12,500 in fines.

Also, contractor Dyncorp came across suspicious images when running McAfee's anti-virus software on Pentagon computers. A subsequent investigation uncovered 75 images of child pornography and evidence that the Pentagon worker involved had visited child porn sites, according to the report.

The IG report is heavily redacted, with names of some individuals, their organizational affiliations, and other information blocked out. But details emerge on how transactions for the illegal content were conducted. According to the report, several individuals used their .mil e-mail addresses, while others used PayPal accounts to pay for access to restricted sites.

The investigation included forensic reviews of PCs, laptops, home computers, and, in at least one case, a USB storage device. In some cases, thumbnail images on computers indicated that images were viewed but not downloaded. Also, some evidence was deemed not to constitute child pornography.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-5314
Published: 2014-11-23
Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 and 5 before 5.1.4, and Dezie 8 before 8.1.1 allows remote authenticated users to execute arbitrary code via e-mail messages.

CVE-2014-5325
Published: 2014-11-23
The (1) DOMConverter, (2) JDOMConverter, (3) DOM4JConverter, and (4) XOMConverter functions in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allow remote attackers to read arbitrary files via DOM data containing an XML external entity declaration in conjunction with an entity refe...

CVE-2014-5326
Published: 2014-11-23
Cross-site scripting (XSS) vulnerability in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2014-6477
Published: 2014-11-23
Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4290, CVE-2014-4291, CVE-2014-4292, CVE-2014-4...

CVE-2014-4807
Published: 2014-11-22
Sterling Order Management in IBM Sterling Selling and Fulfillment Suite 9.3.0 before FP8 allows remote authenticated users to cause a denial of service (CPU consumption) via a '\0' character.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?