Australian Signals Directorate (ASD) Partners with Amazon Web Services to Establish $2 Billion Cloud System for Classified Information Sharing

ASD Partners with Amazon Web Services to Streamline Classified Information Sharing

The Australian Signals Directorate (ASD) has announced a partnership with Amazon Web Services (AWS) to establish a cloud system that will streamline classified information sharing between defense and security agencies. This project, set to be operational by 2027, is expected to cost $2 billion (US$1.3 billion) during its establishment, including ongoing maintenance and usage costs. While the exact data to be uploaded to the cloud is still being determined, some top-secret information will continue to be stored at existing ASD sites.

The ASD, responsible for foreign signals intelligence, cyber warfare, and information security, is often compared to the U.S. National Security Agency. The collaboration with AWS aims to enhance defense resilience, improve the Australian Defense Force’s warfighting capabilities, and strengthen interoperability with key international partners.

Air-Gapped Cloud System: What Does it Mean and How Secure is it?

One important aspect of the project is that the cloud system will be air-gapped, meaning it will not be connected to the internet. However, the ASD has yet to provide specific details about what this “air gap” entails. Historically, an air-gapped network has no online connection to any other network, including USB connections, network connections, wireless, or fiber. In such systems, the only way to transfer information is through physical means like cell phones, USB drives, DVDs, or CDs.

Notable examples of breaches in air-gapped systems highlight the potential risks involved. In 2010, the Stuxnet worm infiltrated Iran’s air-gapped system and caused significant damage to its nuclear centrifuges. The malware spread through USB drives plugged into the network. Similarly, in 2016, researchers discovered the Project Sauron malware, which targeted air-gapped networks and had been active on 30 networks for five years. It used various infection techniques, including exploiting software vulnerabilities and infected USB installers.

More recently, in 2019, the Ramsay framework was uncovered. This cyber-espionage toolkit specifically targeted air-gapped networks and utilized multiple infection techniques, making it harder to detect. Additionally, Cottonmouth-1 is a malware that can create a wireless bridge to an air-gapped computer when connected through a USB cable.

It’s important to note that breaching an air-gapped system doesn’t always require direct access to the data itself. Other methods include stealing data through power lines or exploiting security cameras with infrared capabilities.

Relying on Amazon Web Services: Weighing the Risks

One element of the ASD’s cloud system project that raises questions is the decision to partner with AWS instead of keeping the project in-house. While currently available information suggests that the data won’t be stored on an AWS server, it’s worth considering the potential risks associated with using a cloud service provider.

Like any other cloud service provider, AWS has experienced major data breaches in the past. In May 2022, over 6.5 terabytes of exposed information belonging to Pegasus Airlines were identified on unprotected AWS servers. This included navigation information, proprietary software, and personal data of the airline’s crew members. In a separate incident, a hacker group breached FlexBooker, an online booking platform hosted on an AWS server, and stole data on approximately three million users.

While AWS has robust security measures in place, these breaches serve as a reminder that no system is completely immune to attacks. The ASD will need to closely monitor and ensure the security of its classified information as it collaborates with AWS.

Conclusion

The partnership between the Australian Signals Directorate and Amazon Web Services aims to establish a cloud system that will improve classified information sharing between defense and security agencies. The air-gapped nature of the cloud system presents both advantages and potential vulnerabilities. The history of breaches in air-gapped systems highlights the need for robust security measures to protect against advanced cyber threats.

Additionally, the decision to rely on AWS as a partner raises concerns about the security of the data involved. While AWS has experienced data breaches in the past, it is crucial for the ASD to work closely with the cloud service provider to mitigate risks and ensure the protection of classified information.

Overall, the ASD’s initiative is an important step towards enhancing defense capabilities and strengthening international partnerships. However, it is essential to remain vigilant and address potential security challenges to ensure the success of this project.