Server with Top-Secret Data Stolen 142
An anonymous reader writes "Usually missing information stories are fairly low key; the loss of a few thousand student records is cause for concern for those involved, but hardly national security. This one is slightly different. The company Forensic Telecommunications Services has announced that a server containing 'thousands of top-secret mobile phone records and evidence from undercover terrorism and organized crime investigations' has been stolen. From the article: 'The company — whose clients include Scotland Yard and the Crown Prosecution Service — has assured the public that the server is security protected, and the breach will not compromise ongoing police operations. The information is made up of either old cases that have passed through the judicial process, or cases that are already in the judicial system and so subject to full disclosure to both defense and prosecution teams.'"
Re:Wrong Terminology (Score:3, Interesting)
Many nations have equivalent parallel classification schemes, including using the terminology "top secret". Long-standing agreements between various nations allow sharing of information in the same categories.
See here [archive.org] and here [wikipedia.org] for details.
If FTS is a contractor on terrorism investigations, it could very well be handling "top secret" data. The article refers to it as "top secret", but you're correct: it's not clear if "top secret" is merely being inappropriately applied here, or whether the information really could be technically "top secret".
It is (PowerPoint) quite routine [fas.org] for contractors to handle classified information in the US and UK.
Bizarre reporting (Score:3, Interesting)
I think it would be in the company's best interest to say everything was encrypted with unbreakable algorithms, but perhaps they have rules about not disclosing anything and maybe they don't want to spread the idea that people should encrypt things, that would certainly put a damper on their business, wouldn't it. I'd understand if they don't want to say they have a cell phone tracker or phone home device in it, but as for trusting them when they say nothing is important on that server they stole sounds very strange. More likely someone knew what they were going for it sounds.
a different slant on Wrong Terminology.... (Score:1, Interesting)
When I started my career at a UK C+C Headquarters, we still had some old documents with the original UK top classification on, which was "MOST SECRET". They changed this during WW2 because the Yanks might read this as 'Almost Secret'.
All these classifications used to refer to Military Intelligence-type data. But come the end of the Cold War, the spooks grabbed any work they could to justify their budgets. Lots of this work was in non-military areas - even terrorism was originally non-military, but now lots of 'civilian' work has fallen to them. So I would not be surprised to find data on gangs, or porn barons classified as 'TOP SECRET'. Heck, I bet that Thames House South holds some papers on the current protest at Heathrow with TOP SECRET all over them.
Re:Protected how? (Score:3, Interesting)
I don't think that would work, even in 1999 when Neal Stephenson wrote the book. Some data would be recoverable: disks are very hard to completely destroy. Encrypted filesystems are the right way to do it, with the key only kept in memory.
I don't know why Stephenson's characters didn't think of that idea, since they worked for a PGP-style data security company. Nor do I understand why the adversaries used Van Eck phreaking to spy on Randy's laptop rather than just install a hardware keylogger, or why an EMP can destroy a CPU but not a hard disk controller. But hey, at least the ending was better than The Diamond Age.
Re:Top secret public records? (Score:3, Interesting)
The lady doth protest too much, methinks. Something is rotten in the state of Denmark.
Either there really wasn't much to worry about or they are secretly passing rectangular pieces of firehardened clay out their anuses. And these guys are called a "security" firm!