Information Warfare: Tzahal Net Springs a Leak

Archives

July 27, 2007: Over a year ago, an Israeli reserve officer discovered that the Israeli armys internal Internet, Tzahal Net, had a flaw which enabled anyone using it to access top secret documents. These included data on new weapons, and wartime plans for units. Over sixty percent of the personnel in the army use Tzahal Net at least once a day, and most of them are not cleared to access top secret documents. The officer, a medical doctor, wrote to the army information security department about his discovery. He was told that the army was aware of the problem, and was working on a solution. The problem was that units were not supposed to put top secret documents PCs connected to Tzahal Net. Those that did were first warned, then, if they persisted, were cut off from Tzahal Net for a period of time.

When the officer returned for another bit of active duty recently, he found that the problem still existed on Tzahal Net. This time he reported the security breach to army headquarters, and to an Israeli newspaper, which promptly published the information. Army headquarters said they were not aware of last years complaint, but would get right on to finding a solution. Captain Kahan was thanked for his efforts.

The problem has nothing to do with hardware or software, but with user error. It's an all-too-common problem for government and military officials to put secret documents on servers connected to the Internet, or networks that allow people lacking sufficient security clearances to see those documents. It's what is called a user problem.

 

X

ad

Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contributions. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   Contribute   Close