Fidelis Snags Anti-WikiLeaks Contracts

Security vendor is working with several federal agencies to prevent classified information on the Web from reaching unclassified government networks.

The federal government is working with a security company to help block Wikileaks and other classified content from being accessed by unclassified government networks.

Boston-based Fidelis Security Systems, which among other things makes security software to prevent data breaches, said it's working with several federal agencies to prevent employees from being able to access confidential U.S. documents that are leaked to the Internet.

"That information is classified and the fact that it's in the public domain does not declassify it," said Kurt Bertone, Fidelis' vice president and security strategist. He said he was not permitted to name the agencies that are asking for the technology.

Fidelis has been working with the federal government since 2005 to prevent data breaches and provide other security solutions.

However, in the wake of a data breach known as Cablegate, in which 250,000 confidential diplomatic cables were published on Wikileaks and other websites, federal agencies have refocused some of their work with the firm, he said. Now they are using Fidelis software to keep classified information that reaches the Web from traveling back onto government networks that aren't authorized for classified data.

In a controversial move, the Air Force already has taken similar action by preventing its personnel from accessing the global news agencies -- including the New York Times, the United Kingdom's Guardian and France's Le Monde -- that published the Wikileaks cables.

However, Bertone said this kind of measure doesn't solve the entire problem for a couple of reasons. One, it blocks access to unclassified information that doesn't need to be filtered; and two, it doesn't prevent access to classified information that may be present on other websites.

Fidelis' technology, called deep session inspection, sets policies that search data for keywords and other identifiers to separate classified information from nonclassified information, he said.

"Basically we look at the content and make a content-based decision," Bertone said. He added that there are keywords and certain character sequences in the confidential data posted on the Wikileaks site that makes it identifiable with a high rate of accuracy.

Once the technology is in place, it's up to the agency whether they want to block someone's access to the classified information, or merely send an alert to the user and to network administrators that the information is being accessed.

While the focus of the current project is on Wikileaks content, ostensibly the company's work with the feds is to prevent any classified content from traveling on unclassified networks, Bertone said.

"The general problem is classified information -- not just Wikileaks, not just cables, but any classified information that leaks out in the public domain and goes flying all over the place," he said.

Read more about:


About the Author(s)

Elizabeth Montalbano, Contributing Writer

Elizabeth Montalbano is a freelance writer, journalist, and therapeutic writing mentor with more than 25 years of professional experience. Her areas of expertise include technology, business, and culture. Elizabeth previously lived and worked as a full-time journalist in Phoenix, San Francisco, and New York City; she currently resides in a village on the southwest coast of Portugal. In her free time, she enjoys surfing, hiking with her dogs, traveling, playing music, yoga, and cooking.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights