Chicago terrorist threat assessment leaked over P2P

The study was done in '02 by consulting firm Booz Allen Hamilton

Officials at consulting firm Booz Allen Hamilton are looking into how a Fox News reporter acquired a confidential terrorist threat assessment on Chicago over a public file-sharing network.

Larry Yellen, an investigative reporter with WFLD Fox News in Chicago, on Tuesday reported that he recently used a peer-to-peer (P2P) program called LimeWire to obtain the Booz Allen document. The firm authored the document in 2002.

George Farrar, a spokesman for Booz Allen, Thursday confirmed the incident and said the document was commissioned by the Federal Transit Administration (FTA) five years ago. It was one of 35 threat assessments of the nation's bus and rail systems that Booz Allen was commissioned to do by the agency.

"Essentially, yes, those were Booz Allen documents that were available on the Internet via a peer-to-peer file-sharing system," Farrar said. "What we don't know is from what system those documents made their way to the Internet."

Farrar said that after Booz Allen completed the threat assessment, it made the document available to numerous federal, state and private-sector entities and first responders as required under its contract with the FTA. It was then the responsibility of those entities to protect the documents, Farrar said.

"We investigated internally and didn't find the document on our computers," Farrar said. He also noted that employees at Booz Allen cannot connect to file-sharing networks at work. "We are continuing to investigate. We can't say definitely one way or the other," who the source of the leaked document was. But he said it is possible that the document was leaked from a computer belonging to one of the entities that got the report.

"We don't know what controls were put in place after the document left our hands. So far, we haven't been able to find evidence that it was from our computers," he said.

The Booz Allen incident again highlights what some analysts say is a growing problem: the easy availability of all sorts of government, personal and confidential information on P2P networks.

The situation is the result of information being leaked onto these networks by individuals who fail to take precautions for securing their computers during P2P sessions. Popular P2P clients such as Kazaa, LimeWire, BearShare, Morpheus and FastTrack are designed to let users quickly download and share music and video files. Normally, such clients allow users to download files to -- and share items from -- a particular folder on their system with other users on the network. But if the access these P2P clients have on a system is not controlled, it is easy to expose and share personal data with all other users on a file-sharing network.

U.S. authorities recently arrested a Seattle man on charges that he deliberately mined and harvested P2P networks for such data which he then used to commit ID theft -- the first time that anyone in the US has been arrested on charges of committing ID theft over P2P networks.

In July, the House Committee on Oversight and Government Reform heard testimony from several witnesses about how everything from classified military documents to corporate data can be found on P2P networks. The leaked documents on P2P networks cited as examples at the hearing included the Pentagon's entire secret backbone network infrastructure diagram; contractor data on radio frequency manipulation to defeat improvised explosive devices in Iraq; and physical terrorism threat assessments for three major US cities.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jaikumar Vijayan

Computerworld
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?