Distinctions between classified and unclassified systems were discussed and include the following:

  • The motivations for attacking classified systems are often much more serious (e.g., personal conviction, blackmail, ideological shifts) than for attacking other systems. Persons may be coerced or recruited, trained, and planted as moles.

  • Threats to classified systems often differ from other kinds of threats. A serious threat to classified systems, for example, is espionage stemming from foreign intelligence. Rather than focusing exclusively on attacks that can be executed through the Internet, insiders may be subverted or backdoors may be built into software products. Such attackers have time, patience, and resources.

  • While systems within the Department of Defense are mandated to use commercial off-the-shelf (COTS) products, there are processes within government that slow down both upgrades (so that internal users are frustrated at not having the latest software functionality) and patch applications (compromising security). Participants suggested that this problem was more pernicious than in the private sector.

  • The degree of testing varies between types of systems. Unclassified systems in the federal government are subject to less stringent testing than classified systems.

Notwithstanding these distinctions, there are also several similarities between the classified and non-classified spheres of influence. Information inference through data aggregation is a threat to national security as well as to corporate interests. The Department of Defense (DOD) Website, for example, has approximately 200 gigabytes of publicly accessible data from which much could be inferred. In some cases, conclusions that can be drawn might be classified while the individual pieces of data are not. Similarly, sensitive information about a corporation’s status or plans can be inferred from disparate pieces of information that are publicly accessible. The increasing amount of information that is easily publicly accessible in electronic form exacerbates this risk.

Classified and non-classified systems alike are subject to both espionage and sabotage. In some cases, access and information (espionage) may be more valuable to the attacker than causing actual damage (sabotage); in others, sabotage might be the goal. The sabotage or compromise of even unclassified networks can have national security implications since significant amounts of sensitive information are transferred over public networks. Much of the United States’ critical infrastructure is increasingly dependent upon unclassified networks for operations, which can have a large impact on national security as well.

In light of all of this, participants emphasized that attention needs to be paid to high-grade threats to both classified and non-classified information systems and that too much attention is currently given to lesser threats where solutions are often known but not implemented. A strong case was made that advocacy from the point of view of the high-grade target that receives high-grade threats is needed. In other words, serious security threats require serious attention on the part of the larger research and practitioner community. Any such efforts should encompass classified systems (national security



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement