Fidelis Snags Anti-WikiLeaks Contracts

Security vendor is working with several federal agencies to prevent classified information on the Web from reaching unclassified government networks.
The federal government is working with a security company to help block Wikileaks and other classified content from being accessed by unclassified government networks.

Boston-based Fidelis Security Systems, which among other things makes security software to prevent data breaches, said it's working with several federal agencies to prevent employees from being able to access confidential U.S. documents that are leaked to the Internet.

"That information is classified and the fact that it's in the public domain does not declassify it," said Kurt Bertone, Fidelis' vice president and security strategist. He said he was not permitted to name the agencies that are asking for the technology.

Fidelis has been working with the federal government since 2005 to prevent data breaches and provide other security solutions.

However, in the wake of a data breach known as Cablegate, in which 250,000 confidential diplomatic cables were published on Wikileaks and other websites, federal agencies have refocused some of their work with the firm, he said. Now they are using Fidelis software to keep classified information that reaches the Web from traveling back onto government networks that aren't authorized for classified data.

In a controversial move, the Air Force already has taken similar action by preventing its personnel from accessing the global news agencies -- including the New York Times, the United Kingdom's Guardian and France's Le Monde -- that published the Wikileaks cables.

However, Bertone said this kind of measure doesn't solve the entire problem for a couple of reasons. One, it blocks access to unclassified information that doesn't need to be filtered; and two, it doesn't prevent access to classified information that may be present on other websites.

Fidelis' technology, called deep session inspection, sets policies that search data for keywords and other identifiers to separate classified information from nonclassified information, he said.

"Basically we look at the content and make a content-based decision," Bertone said. He added that there are keywords and certain character sequences in the confidential data posted on the Wikileaks site that makes it identifiable with a high rate of accuracy.

Once the technology is in place, it's up to the agency whether they want to block someone's access to the classified information, or merely send an alert to the user and to network administrators that the information is being accessed.

While the focus of the current project is on Wikileaks content, ostensibly the company's work with the feds is to prevent any classified content from traveling on unclassified networks, Bertone said.

"The general problem is classified information -- not just Wikileaks, not just cables, but any classified information that leaks out in the public domain and goes flying all over the place," he said.