The dangers of the Pentagon’s cloud

by Mike Hoffman on September 5, 2012

The Pentagon has bought into the cloud computing concept and is in the process of consolidating its servers and networks to adapt to it. Moving the military onto the cloud makes sense to Defense Department leaders for two reasons: cost and agility.

Generals claim the transition to the cloud will also deliver a third benefit: security. Cyber analysts, however, are not completely sold.

The Defense Department unveiled its Cloud Computing Strategy in July with its plans to move the military “from the current state of a duplicative, cumbersome, and costly set of application silos to an end state which is an agile, secure, and cost effective service environment that can rapidly respond to changing mission needs,” according to the strategy document.

In basic terms, each of the Pentagon’s current computer systems runs on its own dedicated hardware and servers. Under the new model, contractors will deliver software that is installed with a cloud or infrastructure service provider (ISP), where it runs on the processing power of a consolidated data center.

Ian Malloy is the CEO of Malloy Labs. He is working to stand up cyber security operations to combat cyber threats such as Flame, Stuxnet, and Gauss. Malloy understands why the Pentagon hopes to save money by moving to the cloud, but he worries the Pentagon is setting itself up for a catastrophic failure from a cyber attack.

“The cloud infrastructure is virtually leaving little to protect full loss of data should the proper attack be performed,” Malloy said.

He worries that computer engineers have not had enough time to explore the cloud concept and the potential vulnerabilities before transferring the Defense Department’s massive infrastructure onto it.

“Though they espouse advancements in cloud security funding to initialize and begin the process of transferring operationally sensitive systems to a new realm they forget how young and insecure the cloud is,” Malloy said.

Outages of Amazon Web Services’ public cloud have made other cyber security analysts leery of the risks of moving large agencies onto the cloud.

Kevin Williams works on the B-1 program for Boeing in systems engineering integration. He worries the cloud will not allow for enough redundancy and will leave the Defense Department exposed by putting “too many eggs in one basket.” The Pentagon must be sure to diversify its cloud computing sources, he said.

“Most cloud providers will offer different types of redundancy within their architecture as optional features,” he said. “However, this redundancy is still contained within a single system – never put all of your eggs in the same basket. By diversifying your cloud computing sources, you reduce your exposure to a catastrophic cascading failure from a single cloud provider.”

Protecting infrastructure from cascading failure requires an additional investment in “automatic failover.” It is an expensive addition, but a necessary one the Pentagon will have to make, Williams said. That investment could bite into the savings the military anticipates.
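The failover logic Williams describes, as an added illustration that is not part of the article or of any product mentioned in it: the script below keeps a pool of service endpoints spread across more than one provider, probes them in order and fails over to the first healthy one. The Endpoint fields, the provider labels "cloud-a" and "cloud-b", the `.example` URLs and the `make_probe` helper are all constructed for this example; a real probe would issue a health request to each URL.

```python
"""Added illustration of multi-provider failover; not code from the article.

Assumptions (all hypothetical): endpoints are described by the Endpoint
dataclass below, and health is decided by a caller-supplied `probe`
callable.  The probe used here is constructed for offline use; a real one
would issue an HTTPS health request to `url`.
"""
from dataclasses import dataclass
from typing import Callable, Iterable, List, Optional, Set


@dataclass(frozen=True)
class Endpoint:
    provider: str   # which cloud vendor hosts this copy of the service
    region: str     # that vendor's region
    url: str        # hypothetical API base URL


def is_diversified(endpoints: Iterable[Endpoint]) -> bool:
    """True only when the pool spans at least two distinct providers.

    Several regions of one vendor are still one basket: a provider-wide
    failure (control plane, billing, DNS, a shared software bug) removes
    all of them at once.
    """
    return len({e.provider for e in endpoints}) >= 2


def select_endpoint(endpoints: Iterable[Endpoint],
                    probe: Callable[[Endpoint], bool],
                    preferred: Optional[str] = None) -> Optional[Endpoint]:
    """Return the first healthy endpoint, trying the preferred provider first.

    Order is stable: the preferred provider's endpoints in listed order,
    then everything else in listed order.  A probe that raises is treated
    as unhealthy so one misbehaving endpoint cannot stall the failover.
    """
    ordered = sorted(endpoints, key=lambda e: 0 if e.provider == preferred else 1)
    for ep in ordered:
        try:
            if probe(ep):
                return ep
        except Exception:
            continue
    return None


def make_probe(down: Iterable[str]) -> Callable[[Endpoint], bool]:
    """Constructed probe for offline runs.

    `down` lists outages as "provider" (whole vendor) or "provider/region".
    """
    down_set: Set[str] = set(down)

    def probe(ep: Endpoint) -> bool:
        return ep.provider not in down_set and f"{ep.provider}/{ep.region}" not in down_set

    return probe


# Constructed sample pool; names and URLs are placeholders, not real services.
POOL: List[Endpoint] = [
    Endpoint("cloud-a", "us-east", "https://a-east.example/api"),
    Endpoint("cloud-a", "us-west", "https://a-west.example/api"),
    Endpoint("cloud-b", "eu-central", "https://b-eu.example/api"),
]
SINGLE_VENDOR: List[Endpoint] = POOL[:2]


def run_scenarios() -> List[Optional[str]]:
    """Walk three outage scenarios; returns the chosen URL (or None) for each."""
    scenarios = [
        (POOL, {"cloud-a/us-east"}),     # one region down: stay with cloud-a
        (POOL, {"cloud-a"}),             # whole vendor down: fail over to cloud-b
        (SINGLE_VENDOR, {"cloud-a"}),    # no second vendor: nothing to fail to
    ]
    results: List[Optional[str]] = []
    for pool, outage in scenarios:
        chosen = select_endpoint(pool, make_probe(outage), preferred="cloud-a")
        results.append(chosen.url if chosen else None)
    return results


if __name__ == "__main__":
    print("diversified:", is_diversified(POOL), is_diversified(SINGLE_VENDOR))
    for url in run_scenarios():
        print("chosen:", url)
```

Note what `is_diversified` enforces: two regions of the same provider survive a single-region outage but fail the diversification check, which is the single-basket case Williams warns about. The check itself is cheap; the expensive part he refers to is keeping data replicated so that the failover target actually has something current to serve.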

The Defense Department’s Cloud Computing Strategy states the military has planned this transition to make its networks more efficient as technology and computing become more complex. As the number of networks and the amount of computing power grow, Williams is concerned the cloud could work against itself by shrinking bandwidth for some users.

U.S. military networks are spread across the world. By consolidating servers into fewer data centers, there is a risk that too many users would be funneled onto a limited number of high-capacity trunk lines flowing into data centers in fewer parts of the world.

“If you have enough users, this could potentially create higher latencies and lower bandwidth speeds which can negatively impact some applications,” Williams said.

Both Williams and Malloy suggested the Pentagon is underestimating the costs associated with transitioning to a cloud computing strategy.

“Relying on creating a ‘secure’ cloud environment as the new DoD funding initiative calls for requires too great of spending on securing the system, without even factoring in transition costs,” Malloy said.

The Pentagon can’t afford not to make those security investments with the U.S. military and government under constant cyber attacks, analysts said. A transition to the cloud computing concept could pose significant advantages for the military’s future, but Williams and Malloy have plenty of doubts the transition will occur safely.

RunningBear September 5, 2012 at 2:59 pm

Hmmm… computer experts urge moving all data to the cloud… computer experts urge data is not protected on the cloud… both expert groups want more money for studies and programs and "job security," ad nauseam… sounds like someone is chapped, they missed their turn at the "trough". Sickening! :(

blight_ September 5, 2012 at 3:35 pm

If you read The Hacker News (THN) enough, it depresses you.

And they're covering all the random cyber attacks in the MidEast that DefTech seems to have given up on…for now.

Max September 5, 2012 at 3:54 pm

I don't understand the stupidity of it all. It must be true what the creator of Dilbert said about management being composed of stupid people who get promoted precisely because they're stupid. Kind of like, birds of a feather…

Theadore September 6, 2012 at 5:49 pm

Have you heard of The Peter Principle? In short, it is where everyone and anyone is promoted one level above their competency.

yoyo September 5, 2012 at 4:01 pm

A security system is only as secure as its weakest point…something to keep in mind.

rema whitecloud September 10, 2012 at 11:26 pm

always a missing link with security….

Raraavis September 5, 2012 at 4:07 pm

There is no Cloud. There are lots of clouds. Each vendor, big and small, has its own cloud, and most corporations have private clouds that host only their internal data and applications. Essentially, all a cloud is is the consolidation of processing and data to a more centralized location, depending on longer-range data links. Data and processing that used to take place in each building get consolidated a little farther away in a larger data center.

What scares me about this article is it seems to indicate that the Pentagon isn't going to be using its own private clouds but trusting third-party providers with its data. This is an incredibly bad idea.

blight_ September 5, 2012 at 4:10 pm

Something about the Push to Privatize…shudder.

blight_ September 5, 2012 at 4:31 pm

I remember reading an article where the NSA designed some program that duplicated an off-the-shelf private-sector program, and Congress got in their face and tried to make them buy the OTS program. I imagine if true, government workers no longer have the option to do things in-house.

Edit:
http://www.wired.com/wiredenterprise/2012/07/nsa-

Edit 2:
http://www.whitehouse.gov/omb/Circulars_a130_a130

"(ix) Ensure that improvements to existing information systems and the development of planned information systems do not unnecessarily duplicate IT capabilities within the same agency, from other agencies, or from the private sector; "

tmb2 September 5, 2012 at 7:49 pm

"What scares me about this article is it seems to indicate that the Pentagon isn't going to be using its own private clouds but trusting third-party providers with its data. This is an incredibly bad idea."

It's still in the .mil domains so it's not like the military handed the keys over to Google.

Paul the IT guy September 5, 2012 at 9:46 pm

.mil can point to any system anywhere. It's simply DNS – a linking of IP addresses and names. In the case of .mil, that linking is done by the Pentagon/Gov. Policy of the Pentagon/Gov is the only barrier – a policy which now says use the cloud…

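Paul's point that a .mil name can be pointed anywhere suggests a concrete check, added here as an example that is not part of any comment in the thread: audit a zone's records and flag every name that resolves outside the organisation's own address space or CNAMEs to a host outside the zone. The zone `example.mil`, the record list and the address ranges (the reserved documentation prefixes 203.0.113.0/24 and 2001:db8::/32, standing in for whatever ranges an organisation really holds) are all constructed for the example; a real run would read the zone file or query a resolver instead.

```python
"""Added illustration: audit a zone so that every name stays inside the
organisation's own infrastructure.  Not code from the thread.

Assumptions (all hypothetical): records are the simple dicts below, and
"own address space" is the pair of reserved documentation prefixes
203.0.113.0/24 (TEST-NET-3) and 2001:db8::/32.  A production version would
load records from the zone file or a resolver instead of the constructed list.
"""
import ipaddress
from typing import Dict, Iterable, List, Tuple

ZONE = "example.mil"   # constructed zone name, not a real delegation

OWN_RANGES = [ipaddress.ip_network(c) for c in ("203.0.113.0/24", "2001:db8::/32")]

# Constructed sample records; none of these hosts exist.
RECORDS: List[Dict[str, str]] = [
    {"name": "portal.example.mil",   "type": "A",     "data": "203.0.113.10"},
    {"name": "mail.example.mil",     "type": "AAAA",  "data": "2001:db8:1::25"},
    {"name": "intranet.example.mil", "type": "CNAME", "data": "portal.example.mil."},
    {"name": "docs.example.mil",     "type": "CNAME", "data": "cdn.third-party.example."},
    {"name": "files.example.mil",    "type": "A",     "data": "198.51.100.7"},
]


def in_own_space(addr: str, ranges) -> bool:
    """True if `addr` (IPv4 or IPv6) lies inside one of the organisation's ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in ranges)


def under_zone(name: str, zone: str) -> bool:
    """True if `name` is the zone apex or a subdomain of it (trailing dot tolerated)."""
    n = name.rstrip(".").lower()
    z = zone.rstrip(".").lower()
    return n == z or n.endswith("." + z)


def audit_zone(records: Iterable[Dict[str, str]], zone: str, ranges) -> List[Tuple[str, str]]:
    """Return (name, reason) for each record that hands a name to outside infrastructure.

    A/AAAA: the address must fall inside our own ranges.
    CNAME:  the target must itself be under our zone; a CNAME to a third
            party's host means whoever runs that host decides what the
            name serves.
    Other record types are ignored by this check.
    """
    findings: List[Tuple[str, str]] = []
    for rec in records:
        rtype, name, data = rec["type"].upper(), rec["name"], rec["data"]
        if rtype in ("A", "AAAA") and not in_own_space(data, ranges):
            findings.append((name, f"{rtype} record points at {data}, outside own address space"))
        elif rtype == "CNAME" and not under_zone(data, zone):
            findings.append((name, f"CNAME points at {data.rstrip('.')}, outside {zone}"))
    return findings


def offending_names(records: Iterable[Dict[str, str]], zone: str, ranges) -> List[str]:
    """Just the names from audit_zone, in record order."""
    return [name for name, _ in audit_zone(records, zone, ranges)]


if __name__ == "__main__":
    for name, reason in audit_zone(RECORDS, ZONE, OWN_RANGES):
        print(f"{name}: {reason}")
```

Run against the constructed records it reports `docs.example.mil` (CNAME to a third party) and `files.example.mil` (address outside the organisation's ranges) and accepts the rest. The point of the check is the one Paul makes: the domain suffix proves nothing about where the traffic goes, so the zone has to be audited against the address space and hosts the organisation actually controls.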
crazy September 7, 2012 at 10:55 am

Not necessarily – google GAfG… it's happening now.

John Moore September 5, 2012 at 4:12 pm

More power available at the click of a button is always a good thing.

Placing secure and secret files on the cloud architecture is not so smart.

Saying everything is going that way is wrong but it makes sense for some applications.

Ranger September 5, 2012 at 4:18 pm

NMCI cannot even keep the Exchange Server up for an entire week without the occasional downtime – meaning you lose email until it's back up.

Usually a minor annoyance of a few minutes or so. But if I'm working a serious project on deadline and the necessary program goes offline – THAT is a significant pain in the posterior, including the potential of losing work already done.

Store on the cloud, maybe. But I want MY programs on MY computer.

Greg September 5, 2012 at 6:12 pm

That is not true, you do not lose email. The ISP queues it for the 45 minutes or longer. Furthermore, if it is an Exchange failure, then your spam filter, which is your SMTP point anyway, would intercept all mail and store it on its own internal storage.

The author hit the nail on the head when he describes automatic failover. What the author is specifically talking about is technologies like VMware SRM (Site Recovery Manager) and EMC's RecoverPoint.

The author hits another key point in the problem in how the DOD chose to pursue the cloud. The problem is they are trying to do this on the cheap. They are utilizing HP as the main provider. Yes, HP can provide the blade servers and the storage, but what is HP's robust mechanism for automatic fail-over? They will have to leverage the storage array to replicate data, which is darn sure not the most efficient way to replicate. Furthermore, HP is a core infrastructure provider… Meaning that although the virtualization and cloud products run on their infrastructure, they did not design the cloud products and don't have the best integration with the cloud products because they did not design them. So the Army went for them because they are cheap.

If the Army had selected EMC, which also owns 90% of VMware, they would have had better automatic fail-over capability via RecoverPoint and its tight integration with SRM. With RecoverPoint each site could actively replicate to 4 additional sites to maintain 4 additional copies of the data. You can go back in time with RecoverPoint. RecoverPoint is a snapshot appliance that can take snapshots of data like VMs (virtual machines) and traditional data like NTFS that can be replayed, backed up, brought up temporarily on another machine for analysis… You get the picture.

By going cheap they screwed up big time with the ability to efficiently disperse the infrastructure, which they will eventually do regardless of how cloud 1.0 turns out.

Ranger September 6, 2012 at 11:04 am

You lose ACCESS to the email until the system comes back up – which usually is not a major problem, if short-term, but can be a serious issue when dealing with short fuse issues. I've missed important meetings because they changed at the last minute – and the email didn't come through until it was too late.

As for HP, they're the ones behind Navy Marine Corps Internet – and to put it charitably, they are "less than optimal."

There is no way I want to trust that I can access my essential programs or data from a cloud.

Bill September 6, 2012 at 1:19 am

It might sound all good and dandy, but the moment in which the cheapest and qualified cloud-computing provider is selected, you can be sure that they will become the #1 target for those willing to test their skills.

Scary move to do this when we haven't fully figured out the criminal consequences of bypassing government cybersecurity.

The_Hand September 6, 2012 at 3:47 am

What's driving the move to cloud is the fact that right now every platoon in the DOD has its own IT infrastructure, and they're all linked together, so the whole thing is only as secure as the weakest link in the chain. You cannot enforce security on a balkanized kludge like that. I hate to even mention the guy, but look at the Manning incident. Are clients on SIPR supposed to have CD-R burners? Hell no, but Manning's did, so all the traffic on SIPR was compromised.

Centralization of this sort does create an eggs-in-one-basket situation, but at least the eggs are in a securable basket and not rolling around on the dance floor. It can be made secure if properly architected and operated. That's a big if, but the threat environment is way too sophisticated for the hodgepodge we have right now.

As for NMCI, I still have no idea why HP is allowed to have such a stranglehold on defense IT. Talk about waste and inefficiency. I've always just assumed they had incriminating pictures of someone.

TonyC September 6, 2012 at 6:32 am

Cyber Pearl Harbor in the making, we had all of our eggs in one basket before. Take out the cloud and disable multiple weapons systems, command and control, and battlefield communications. Sounds like Microsoft wants DOD work?

blight_ September 6, 2012 at 11:00 am

I think you're over-estimating what the cloud is meant to do.

JJMurray September 6, 2012 at 7:24 am

The "cloud" undoubtedly has some advantages but the bottom line is (as was seen with Megaupload) if you don't keep your stuff backed up locally you are setting yourself up to lose everything when someone cuts your connection to the cloud server(s) or knocks you off the network… and that really isn't all that hard to do.

Greg September 6, 2012 at 9:58 am

Not true, I back up from a tertiary site, then I no longer affect the performance of the production site. With fabric and gig Ethernet technologies, you can keep the prod and DR environments within seconds of each other. Fabric being obviously superior for short distances while IP is more resilient to errors and able to handle longer distances. Maybe the Pentagon should first talk to the professionals who live and breathe this stuff before making a decision.

nurse2go September 6, 2012 at 8:01 am

Talked to a security computer geek. Asked him how secure the cloud was for Pentagon use. Answer: "use it only if you want the other party to own it"… End of discussion on security in the clouds.

Greg September 6, 2012 at 10:01 am

The DoD is setting up their own cloud. When they say an ISP-hosted cloud they mean in a secure ISP data center, with the DOD's own equipment. I was just at one such datacenter in VA. Very secure and the environment is already set up.

I will agree, if you put the data into iCloud/Dropbox/Google Docs then you have a valid security concern because ultimately those vendors would own your data and also its security.

The cloud concept though is not only for these vendors it's for businesses and institutions to setup their own clouds also.

What the cloud means is that your data is up 99.9999% of the time. That means in the event of a catastrophic failure your data either stays up and or is able to come back up in a very short order.

Greg September 6, 2012 at 10:06 am

I forgot to mention that the cloud is not only 99.99% uptime but also accessibility. Accessibility is a classic networking issue not related to the cloud. This data would need to be accessible regardless of whether it is in the cloud or not.

liam September 6, 2012 at 8:05 am

In the simplest of terms… if DOD jumps to cloud technology without more study, then it is like dropping your pants and exposing yourself… and then with a very loud voice saying, "LET ME HAVE IT… PLEASE MAY I HAVE ANOTHER!!!" If it is not broken then don't fix it… not until you are sure what you want to go to is gonna work!

Musson September 6, 2012 at 10:37 am

DELL pitched us a SECURE PRIVATE CLOUD. They maintain a ton of blade servers in a secure location and only allow us to access them.

It would have allowed us to maintain secure banking data – but the upfront costs are more because they cannot rent out the unused capacity to anyone else.

blight_ September 6, 2012 at 10:39 am

Considering the military already has a parallel secure intranet, it's not a bad place to park a cloud. As long as you employ secure air gaps, how's a hacker going to get to it?

Of course, it's easier to get in an autonomous worm with the classic random-flash-drive-with-worm, but it won't help you get information out, or to operate dynamically with user commands.

elmondohummus September 6, 2012 at 11:01 am

Why did half of my responses disappear? They were polite, directly on topic, I most definitely didn't take shots at anyone, but instead was talking about cloud computing, which I'm familiar with in my job… did I do something wrong???

blight_ September 6, 2012 at 12:09 pm

No clue. I thought they were interesting replies… :[

elmondohummus September 6, 2012 at 2:04 pm

Actually, they showed up eventually. I think my browser just hiccuped.

Thanks for the sympathy at least.

tmb2 September 6, 2012 at 7:07 pm

Sometimes the filters on military.com websites pick up a keyword and insta-ban your post without explanation. If your post takes a while to show up, it's a server problem and can be corrected by emailing the admin. If your post instantly disappears with an italicized message from the admin, then it was a keyword filter.

yakoldnozson September 6, 2012 at 11:28 am

well, being one of those that is a "recipient" of this "new thinking" – it ain't NO cloud, it's HELL!!! constant program pushes/updates, constant interruptions, and the stuff is not DELL it's HP, talk about a total cluster f*)_^)(&^k!!!
tell the generals and the "wise" contractors and civilians to keep their "cloud" thinking to themselves and before they institute something – make sure it works!!!!!!!

BLWarmonger September 6, 2012 at 1:40 pm

I take it the guys who came up with this idea never read Robert Heinlein's "The Moon Is a Harsh Mistress." Even in the 1960s they knew what poor security resulted from putting everything on one computer. :)

elmondohummus September 6, 2012 at 2:50 pm

But the whole idea of distributed computing and storage in cloud services is the very antithesis of that. The central idea *IS* to make certain that your servers & services, applications, and data are not stored on one server or even just a single cluster, but spread out in a way that can continue to deliver your stuff even if some parts of it fail or are destroyed. The entire selling point of Infrastructure/Applications/Storage As A Service paradigms is to make sure that you're not vulnerable to single-point failures.

guest September 6, 2012 at 1:58 pm

US Defense CAN NOT risk the reliability and performance of its network and critical data to a cluster of "clouds" that are being developed with foreign money (some from not-friendly nations).
Some of those not so friendly nations have a vested interest in gaining control or access to US Defense data, motivation enough to subsidize the creation of data clouds in order to put any real free-market competitor out of business. This effect will cause lots of consolidation and turnover of the "ownership" of those unprofitable cloud cells, creating the perfect opportunity for bad things to happen during their unstable transitions (and who knows what kind of waivers and shields from liability their attorneys will insert as part of the deals). In other words, it would be like outsourcing the storage, performance and reliability of the US Defense data to any of the well known, so called "low cost regions", most of which are controlled by communist or dictator regimes…

hdhyrhfh September 6, 2012 at 7:13 pm

Blight, yes you can, you have to think deep. Only certain people in this world are capable of thinking beyond the boundaries of what is taught. I’m not even a programmer and if I suggested the idea most would say you can’t do it. Music has patterns, beats etc. which can be programmed to be interpreted as characters, ones and zeros, whatever you would like to assign them. This isn’t something you can just Google and come up with an answer.

hdhyrhfh September 6, 2012 at 7:32 pm

So gdhydfh, you're saying some sort of program would have to be inserted that permits the microphone and program to translate the sound into code. Ok, so you're saying because you already know what music is going to play or is playing, you have a pattern to create the code. I get you.

D. Dieterle September 8, 2012 at 5:41 pm

Not a good move… The government can't even agree on a cybersecurity doctrine and they want to move DoD servers to outsourced systems? At least if they are in military hands they can control the environment and security procedures. Yes, they may save some money in the short run, but this is the worst idea I have seen to date.

cyberarms.wordpress.com

rema whitecloud September 10, 2012 at 11:30 pm

hey operator 15 you still there

Big-Dean September 8, 2012 at 5:52 pm

Let's rank DOD initiatives/project/actions on a stupid scale 1-10 with 1 having the highest level of stupid all over it. Here's my list:

1. Handing over the DOD network to a private contractor, i.e. moving to the cloud
2. the entire LCS program
3. cancelling the F-22
4. having less than 12 carriers
5. completing the F-35
6. current military contracting practices
7. over-emphasis on the "war on terror"
8. pretending that China is NOT our enemy
9. dropping the ball completely on proper maintenance of the fleet
10. too DAMN many generals and admirals

rema whitecloud September 10, 2012 at 11:34 pm

remember the pentagon is the machine so any innovative new approaches to archiving the past like cyber storage no worries it does not affect the guardian who watches over the clouds

elmondohummus September 6, 2012 at 10:28 am

… Cont'd:
You want an analogy? Ok, this is an oversimplification and has a rather large contradiction to it, but: You all remember mainframes? If you think about a mainframe that's not hardware, but virtualized across multiple servers so that it can have more uptime and be more reliable in the case of system or even catastrophic geographic location failure, then you're halfway towards understanding one of the concepts of clouds. Your storage, some of your processing, and your app and data delivery is being handled somewhere else on the network or internet; it's just that it's not this big, hulking IBM monster anymore but rather a bunch of virtual servers across a bunch of rather mundane hardware.

Before anyone in IT jumps in here: Yes, I DO know that a mainframe is about centralization where cloud computing is about DEcentralization and distribution of processing and storage, but I'm trying to make part of the concept familiar to people. (Cont'd…)

elmondohummus September 6, 2012 at 10:53 am

Cont'd

Anyway, another name for the concept might clear some of the confusion up: "Infrastructure as a service". In short, it's nothing more than a virtualization of much of the infrastructure normally assembled and configured to deliver an organization's IT needs. That's done to get benefits that include:

1. Having more uptime. Spreading your services across hardware instead of dedicating individual servers – or even virtual ones in a cluster – means that you lessen your exposure to downtime from hardware failures, upgrades, etc. If you spread things around right, you can even mitigate locational problems like floods, other natural disasters (up to the hypothetical "meteor strike", a joke among IT catastrophe mitigation personnel… yeah, those exist. I've seen multigeographic plans to keep services for an org running that would actually have to take out half a state before it would affect operations. That led to the hilarious, ironic hypothetical scenario of everything physical for that organization being destroyed, BUT survivors could still work from whatever shelter they fled to). (Cont'd…)

elmondohummus September 6, 2012 at 10:58 am

(cont'd)
2. Theoretically being less prone to denial of service attacks if you properly distribute your assets so there's no central point to attack,

3. Theoretically being more secure because you don't distribute your data amongst hundreds, thousands, tens of thousands, of PCs (meaning you'd have to account for security on each and every one of them), but because it's centrally stored (in a virtual sense; it's still distributed, but distributed across secured datacenters). You can centrally secure things.(cont'd…)

elmondohummus September 6, 2012 at 10:59 am

Cont'd…
Yes, holes can be poked in all of those arguments, especially #4. A small part of my job involves identifying those security holes, so I'm very well aware of the security issues. That said, clouding *does* cut off a variety of security holes involving end-user compromises.

Anyway, tl;dr, I've heated the air enough. The point is that there are some misunderstandings about cloud computing. The reality is that none of the problems that apply to the commodity cloud needs to apply to the Pentagon. Yes, they'll apply if they do it wrong. But that's the key: Don't do it wrong. Here's to hoping they have folks who'll do it right.

End.

blight_ September 6, 2012 at 4:35 pm

Bombing bridges in Vietnam with dumb bombs might've been less bloody if JDAMs had done the trick.

Nowadays, the death benefit might be higher than it was when you were in the service.

"That may be why POTUS has learned to place so many eggs in the SPECOPs basket today …. He has learned the rest are a bunch of really nice kids who play in uniform"

I imagine you did your time (unlike me), but there have to be people in the service today who dispute your latter assertion.

blight_ September 6, 2012 at 4:37 pm

You can't compile executable code just taking in sound…
