Enron emails inspire GCHQ spooks
Software to nanny for cagey corporate cops
Posted in Management, 1st June 2007 12:18 GMT
Watch Now : Virtual Machine Movement with Hyper-V
Geeks at GCHQ (Government Communications Headquarters), the UK's spook-infested listening station, are using the infamous Enron email trail to develop software that will monitor people's emails and stop them sending incriminating or confidential messages.
The first findings from the research will be presented in August by Neil Cooke, a techie from the Communications Electronics Services Group (CESG), the arm of GCHQ that makes sure other government departments don't leave stinking great security holes in their data networks, along with colleagues from Surrey University.
Dr Lee Gillam, research fellow at the Surrey University School of Computing, said his team would be processing the 500,000 emails in corpus Enron with the help of a computer the school just acquired with a £250,000 government grant.
"We've got the capability to leak out all our organisation's secrets through email. So how can you stop that happening?" asked Gillam. The approach GCHQ and Surrey are investigating is "intervention".
"In order to work out if someone is sending out what they shouldn't it's better to intervene than pick up the traces - before they've even sent it out," said Gillam.
"We're looking at the emails that came out of Enron: what people do to abuse email policies; whether people say things they should be more careful about; whether it's possible for a machine to tell what Enron did wrong from looking at the several hundred megabytes of emails," he said
The Enron mails have become a rich seam for researchers to work with, with their record of "dick jokes, spam and internet porn", paranoia, corporate guff, political buffoonery, and incriminating evidence.
One reason the Surrey team needed a computer to do the job was because corpus Enron was filled with so much of the detritus that clutters everday corporate life. That's also what makes it a good test bed for learning to spot the signs of industrial espionage and the like.
The team tried processing their trials on a single computer, but blew the memory, said Gillam. The system is now being run on 32 IBM HS21 high-density, dual-processor, dual core Blade Servers, which gives it 68 processors and 128 cores supplied by OCF, a specialist UK integrator.
It's a modest set-up, as high performance computers go. The fastest in the world, the US Livermore national research laboratory (an offshoot of its nuclear programme), boasts 131,072 processors. The world's 20th most powerful computer at Cambridge University has 2,340 processors.
"It will eventually feature in the list of top supercomputers around the world," said Gillam. "It just depends how far down the list you go."
It is also being put to more prosaic uses. The university is working with CD02, a supplier of specialist financial software, to model market characteristics such as prices and risk. The DTI has supplied £108,000 in funding to cover the cost of a university place at the firm.
The system will also be used for neural network simulations and other intelligent computing projects, digital water marks for rights management, and some "commercially sensitive" private and government work.
The Surrey team is due to present its first Enron-inspired findings - on protecting intellectual property secrets - at the Assurance Security Symposium in Manchester at the end of August. ®
Watch Now : Virtual Machine Movement with Hyper-V
COMMENTS
Learning the wrong lesson?
Maybe I'm misremembering, but wasn't the fraud first discovered via a whistleblower from inside the company? In which case preventing people disclosing such frauds in the future may not be the best thing?
Granted there are other information leaks people genuinely want to prevent. But it's hard to stop one and not the other.
Stealth mail wrapper
Me, if I'm passing something outbound and I want to mask it I simply zip the file then manually change the file extension to .jpg and then attach it to a mail. Personally, I've never ever had that method blocked.
Broken Calculator
"The system is now being run on 32 IBM HS21 high-density, dual-processor, dual core Blade Servers, which gives it 68 processors and 128 cores..."
That would be 64 processors, surely? (and don't call me Shirley)
Actually
Actually encrypt the message within several pictures , so that software will only see a picture but not the message , and unless one has the original picture to compare against bit by bit to dig out the encrypted data from within the data stream , it cannot find the message hidden within or so it would seem!
Beside which , this wanker has obviously forgotten much about the capability of modern digital technology and the power of the current home PC(which can easily decrypt old flash high speed U-boat messages sent in the last war which sadly the Bletchley Park machine of the same era , could not do even on a good day! co-ordinated Huffduff stations would give an approximation of last position of transmission sent to allow the radar equipped long range Liberator B24 patrol aircraft to do the rest) , one can only presume to assume his brain has been disassembled and has a large number of vacancies left upon reassembly
Oh well back to the drawing board! , No. 5 is alive!
Encryption? Nope, well - erhmmm, yes - but differently.
The corporate network/installation should not allow for alien softwares but...
If you want to hide anything, there is something called steganography - including encrypted data/message in an otherwise harmless picture.
An e-mailed picture will not stick out and it's much more power consuming to scan all e-mailed images for graphical irregularities. And if you spot any, is it encrypted data or just "noise" in the picture.
You can of course ban peeps sending emails containing graphical images but hey! Why not banning e-mail to external recipients totally?
At some point, we have to start treating the staff as people and realize that we can't protect the corporations from data leakage - or Govt departments.
//DA
Enabling efficient data center monitoring
The new Office Garage series:
IT infrastructure monitoring strategies
