The head of Air Force ISR — who oversees Predator training and equipping — says that the Predator data that was broadcast in the clear and intercepted by insurgents in Iraq did not have “significant impacts” on U.S. operations, according to a report from the Online Defense and Acquisition Journal. He is quoted as saying, “Nothing is compromised. If someone does pick [the video feed] up and they don’t know the context of how the information is being used, what’s the compromise?”
Late last year, The Wall Street Journal reported that militants in Iraq used $26 off-the-shelf software to intercept live video feeds from U.S. Predator drones, potentially providing them with information they need to evade or monitor U.S. military operations. Senior defense and intelligence officials said Iranian-backed insurgents intercepted the video feeds by taking advantage of an unprotected communications link in some of the remotely flown planes’ systems. Among the most sensitive information, according to consumer studies and security experts, is data to conduct bank transactions, personal health and hospital records and military data. In these cases, it seems there is more vulnerability than previous thought. Security measures such as one-time passwords and phone-based user authentication, considered among the most robust forms of security, are no longer enough to protect online banking transactions against fraud, a new report from research firm Gartner Inc. warns. Increasingly, such measures are overwhelmed by online criminals looking to pillage bank accounts using valid login credentials stolen from customers, the report said. In healthcare, even in the face of federal regulations, incidents continue to happen. For example, just last month, the personal medical information of an estimated 10,000 Detroiters — Social Security numbers and birth dates, included — had been compromised after two security breaches, city officials revealed. In one incident, a thief broke into a vehicle of a health department employee, snatching a flash drive with information from birth certificates. What do you think? Are businesses and the military doing enough to protect sensitive data? Email your comments to zaludreport@bnpmedia.com or Tweet at http://twitter.com/securitymag