Watch CBSN Live

Congressman: File-Sharing Endangers National Security

WASHINGTON (CBS) Downloading bootlegged music and movies may be a petty offense compared to what a web security company and a Congressional committee found online using a popular file-sharing software.

Sensitive or confidential information that is now freely available on file-sharing networks include a safe house location for the First Family, information about the electronics on the President's helicopter, financial information for Supreme Court Justice Stephen Breyer, social security numbers and family information for every master sergeant in the Army, classified FBI files, including surveillance photos of an alleged Mafia hit man, and the medical records of some 24,000 patients of a Texas hospital.

That's according to the House Committee on Oversight and Government Reform.

The leaks are a result of "inadvertent file sharing," according to testimony at a hearing Wednesday by Thomas Sydnor, Senior Fellow and Director of the Center for the Study of Digital Property, Progress & Freedom Foundation.

How could this happen?

When parents and kids share a computer, file-sharing software that the kids install to trade music and movies, can, without their knowledge, make almost anything on the computer available to the Internet.

Sydnor testified that most computers users store files in the "My Documents" folder. When Lime Wire, a popular file-sharing software, is installed, all the files in that folder may be shared on the network. Users can change the settings to share only certain files, but many users are not aware of the option. Many other file-sharing programs operate in a similar manner.

The end result for many users is that private documents, including financial information, health records and identifying documents, could leak to the Internet. Child predators could also use the software to find photos of children, Sydnor said.

For government employees, the ramifications are even graver and could lead to sensitive information on their home computers leaking to the Internet.

In February, Tiversa, an Internet security firm, discovered a computer in Iran on a file-sharing network "that possessed highly sensitive information relating to Marine One."

Robert Boback, Tiversa's CEO, told Congress that his company also found that "malicious individuals" were using file-sharing software to search for credit card data, tax returns and medical bills. Bobek said his firm was able to locate over 275,000 tax returns from a peer-to-peer search.

Mark Gorton, chairman of the Lime Group, which makes Lime Wire, testified that his company had addressed the panel's security concerns by changing the default settings so that documents are not automatically shared and, in more recent versions of the software, made it impossible to share the entire "My Documents" directory.

Gorton also questioned the accuracy of Sydnor's report.

In response to the testimony, Committee Chairman Edolphus Towns (D - NY) seeks to ban peer-to-peer software from all government and contractor computers and networks. He also would like the Federal Trade Commission to investigate whether inadequate safeguards on file-sharing software such as Lime Wire constitute an unfair trade practice.

View CBS News In
CBS News App Open
Chrome Safari Continue