Insider threat could be insidious to regional stability

Security of military technology information is paramount in hot coal beds such as South Asia

A very potent weapon

South Asia is a hotbed of political conflicts. The region has witnessed many wars – not to mention the almost continuous ‘low intensity’ conflicts with non-state actors. The dimensions of conflict have more than quadrupled since the three dominant countries became ‘nuclear’.

In such a dicey scenario, military technology becomes a much-guarded state secret. All three countries have organizations that are committed to the research and development of such technology. One such is the BrahMos project (PJ-10) between India and Russia. The project is a joint venture (BrahMos Aerospace) between the Russian NPO Mashinostroyeniya and India’s Defence Research and Development Organisation (DRDO). The BrahMos, a medium-range ramjet supersonic cruise missile, is considered the fastest cruise missile in the world. A very potent weapon in the arsenal of any army.

Insider threat becomes reality

Recently, the media in India reported that an engineer from BrahMos Aerospace was caught possessing “secret and highly sensitive documents”. (1)  What transpires with the stolen information is left to anybody’s guess – pass it on to an unfriendly government or sell it on the Dark Web. As this blog is being written investigations are being carried out to ascertain whether any sensitive information had been leaked earlier and on possible repercussions.

No data is inconsequential

In the world of espionage every iota of data has significance. For example, logistics master data, which contains a range of confidential and sensitive information, may have a significantly negative impact on any company if it were to fall into wrong hands. Information, such as pricing, inventory management and consumption-based planning, that are included in SAP Material Management need to be protected. Often access to such complex and sensitive material data is unregulated based on the quoting procedures and exports of such information are frequent.

Protecting critical data – An actual issue resolved by SECUDE

Research Centre Imarat (RCI), a leading laboratory of the Defence Research & Development Organization (Ministry of Defence, India), is located in Hyderabad, Telangana. The center is responsible for research and development of missile systems, guided weapons and advanced avionics for the Indian Armed Forces and as such sources components and materials from Original Equipment Manufacturers (OEMs).

Initially, the research center’s multiple users, across functions, not only had access to the center’s Purchase Order transactions, but also had the capability to download and even print copies of POs, thus creating an opportunity for potential data leakages that would be detrimental to India’s national security.

The Director of IT at RCI implemented a solution to monitor and block all users who now have been denied access to download or print POs even if they have legitimate access to view and edit the transaction on their systems. Consequently, the capability to print or download data is possible only through exceptional authorization to specific users. The research center now has the capability to not only block unauthorized downloads, but also record the same in audit logs thereby giving visibility into any unauthorized attempts made. It has visibility on all data that are extracted from the enterprise.

You can read more about this solution here.

Reference

[1] BrahMos Aerospace engineer held for leaking info to Pakistan

[2] BrahMos scientist held on spying charge, 2 others raided in UP

Related Reading

[1] Protecting national interests, not just documents: SECUDE’s HALOCORE secures RCI’s PO transactions

[2] Swiss data security firm SECUDE expects more orders From DRDO

[3] Dark Web augments insider threat for organizations

[4] Compromised data is compromised security

[5] How do you secure data against Industrial Espionage?