Professor Scott Bell
Electronic spillage is defined by the United States (US) Government as information of a higher classification, or of a restricted nature such as personally identifiable information, that is accidentally or intentionally placed on a network of a lower classification. Every computer user must be aware of electronic spillage and know the consequences if they are ever faced with one. Most people think that cleaning up an electronic spillage is a simple fix, but those who live in the cyber world of warfare within information systems know that it is much more complicated than deleting a file from a hard drive, especially when a network is involved rather than a stand-alone machine, which is usually the case.
Disposing of classified or personally identifiable information from storage media, whether magnetic media, files, Exchange servers and/or hard drives from desktops or laptops, can be very intrusive to a network. A complete clean-up could cost thousands of dollars, depending on the size of the network. This is why most companies, and especially the Military, go to great lengths to protect their information systems and networks. Usually outside sources are hired to conduct the clean-up process for a minimal fee, which could end at a huge cost. The cost could range from five (5) to fifteen (15) thousand dollars in most cases. Mind blowing, isn't it! But it is true. According to a Wharton-Aerospace Defense (Jan, 2009) report, the Navy pays about five (5) million dollars a year, at eleven thousand eight hundred ($11,800) dollars per spillage, to a Texas-based technology service provider to wipe out any traces of classified digital information that wound up on unsecured laptops and other computers. Some would argue that this is overkill, claiming that it could be cheaper just to replace the affected asset.
However, according to what was reported to the Washington Post anonymously, the price is reasonable because the process often requires more than just cleaning a single laptop or computer. It can involve having to clean up to seven thousand (7,000) computers on a shared network. Of course, that would include back-up tapes, virtual machines and Exchange servers, which in turn could affect up to three hundred thousand (300,000) users. To take it a step further, the company that is hired to clean up the spillage would go into great detail, such as obtaining and/or identifying the users in the Active Directory (AD), who could have numerous aliases, identifying the Exchange server and Storage group, and getting the correct user name, the date of the document, the subject of the document and the exact place it was stored or saved. It becomes even more wicked if it was placed on a Share drive or even transferred via e-mail to other recipients, not to mention the damage if it hit the internet. This process can be, and most times is, very tedious.
Let’s take a look at a typical Network Clustering setup design and presume that a spillage has occurred:
With this typical infrastructure, it could cost thousands to clean up a spillage. Look at the actual flow of the design; this particular design does not show all of the users that could be attached to this network. There could be hundreds or even thousands of users that received the classified or personally identifiable information that created the incident. This design only shows the connection manager, some Exchange servers and file servers, along with the internet connection. Can one see now how intrusive a clean-up process can be? This could be time consuming. Would it be more beneficial for the company or the government to replace the equipment or pay an external source to conduct the clean-up process? Take a look at the typical Server Mitigation;
Take a look...