CIA to continue cloud push in the name of national security

The intelligence agency's director of digital futures has touted the partnership with AWS as one providing a 'game-changing' environment for the CIA to perform like a Silicon Valley startup while protecting national security.
Written by Asha Barbaschow, Contributor

The United States Central Intelligence Agency began its journey to the cloud in 2013, turning to Amazon Web Services (AWS) in an attempt to keep pace with the speed of commercial industry.

Four years on, and the CIA's commercial cloud push is still as strong as ever, and according to Teresa Smetzer, director of digital futures at the CIA's Directorate of Digital Innovation, the government bureau has dramatically overachieved where the cloud is concerned.

Addressing the Public Sector Breakfast at AWS re:Invent in Las Vegas on Tuesday, Smetzer said having a secure cloud computing environment has fundamentally changed the way the CIA does business.

"The startup heavyweights have a culture of continuous innovation which allows them to stay ahead of their markets and the challenge for public sector organisations is how to keep pace with that," she explained. "This presents a unique challenge to the public sector, in particular the intelligence community, where we really are the nation's first line of defence."

Kicking off the CIA's commercial cloud strategy about four years ago, initially it was very risky, Smetzer said.

"We weren't really sure how it would play out, but we've dramatically overachieved in terms of moving workload to the cloud and being able to enable new capabilities that we couldn't have even imagined," she said.

The CIA went live last week with the AWS secret region, which is a datacentre region targeted towards the US intelligence community and other government agencies working with secret-level datasets.

"The implications for us are stunning," Smetzer said. "We now have, for all 16 agencies, the ability to interoperate across all levels of data classification."

"This means, for the first time, we have a common set of tools, a constant flow of the latest technology, and the flexibility to scale rapidly to meet mission demands. This is a game-changing capability."

Today, data is the lifeblood of many organisations, and Smetzer said this is no different for the CIA, commenting that data is really what enables the organisation to do its job.

However, with the enormous growth of data that the CIA now finds itself dealing with, Smetzer said that task has become increasingly difficult over the last decade.

"Our analysts must be able to deal with enormous volume, variety, and velocity of information -- perhaps more than any other organisation or community in the world," she explained.

"And we must be able to fundamentally turn computing resources on a dime to enable us to discover, access, and share data securely -- we have a pretty unique mission in that regard."

According to Smetzer, cloud computing improves the agency's ability to perform timely searches on its data, which she said becomes seconds or minutes versus hours or days.

"The cloud greatly improves our speed and ability to move beyond reporting on events after they've happened, to being able to anticipate the next crisis -- we need to be ahead of curve all the time," Smetzer said.

One such area she flagged is in combating terrorism.

"Our ability to quickly sift through large amounts of very disparate data in seconds and minutes helps us either minimise or thwart future attacks," Smetzer added. "You hear about the things that we aren't able to catch, but there are many, many examples of where we have stopped events that have protected the country and our national security.

"Our anticipatory intelligence cell uses world-class machine learning and data science to understand a few things that have happened in the past and report to our policy makers issues of instability that they might have to deal with, rather than responding, proactively being able to understand what they can do to change the situation."

Another example is social media, with Smetzer flagging social media as the predominant means of communication today.

"Our cloud computing capability allows us to understand sentiment analysis in a way that helps us to look at instability and other factors that are of concern worldwide ... it also helps us to understand the authenticity of information ... for an intelligence community, this is an important challenge," she explained.

AWS has developed an intelligence community marketplace, which is essentially the same as its AWS Marketplace, just privatised and tailored for agencies like the CIA.

"It helps us minimise the government procurement process," Smetzer explained. "This is game-changing for us, because it allows us to quickly download, test, evaluate, and buy software from Silicon Valley and elsewhere. This capability dramatically accelerates our ability to fail cheap, fail quick, which really is critical to stay ahead of the mission challenges that we face."

It also helps the CIA mitigate the traditional government procurement process, which she said takes months, if not longer, and takes a lot of effort to put into action.

It was revealed earlier today that the contents of a highly sensitive hard drive belonging to a division of the National Security Agency (NSA) had been left online on an unlisted, but public, AWS storage server without a password, leaving the disk image open for anyone to download.

The virtual disk image contains over 100 gigabytes of data from an Army intelligence project, codenamed "Red Disk". The disk image belongs to the US Army's Intelligence and Security Command, known as INSCOM, a division of both the Army and the NSA, and is a snapshot of a hard drive dating back to May 2013 from a Linux-based server that formed part of the Red Disk cloud-based intelligence sharing system.

The data was found by a security researcher who informed the NSA back in October.

A report from the University of Sydney released earlier this week showed that Australians supported intelligence and law-enforcement agencies storing their web history and contact information if it was framed as helping fight terrorism.

"Clearly, there is salience for metadata data collection and surveillance when it is framed in security and anti-terrorism terms," the report states. "Privacy is important to Australians, but can be forsaken or traded off against security fears."


Trump administration releases rules on disclosing security flaws

The White House's cybersecurity coordinator said the rules are "vital" to ensuring a balance between public disclosure and retaining flaws for intelligence operations.

Amazon announces AWS Secret Region for intelligence agencies

Three years after launching Top Secret Region, Amazon has announced Secret Region for US intelligence agencies, as well as other government agencies dealing with secret-level data.

AWS launches new S3 encryption and security features

The new features include some for more secure cross-region replication.

AWS Secret Region manages cloud workloads for classified government data (TechRepublic)

Amazon's new region is targeted at the US Intelligence Community, offering compliance and security for sensitive information.

Amazon Web Services: The smart person's guide (TechRepublic)

This comprehensive guide about AWS covers the expansive cloud services offered by Amazon, common use cases and technical limitations, and what to know when adopting this technology.

Disclaimer: Asha Barbaschow travelled to AWS re:Invent as a guest of AWS.

Editorial standards