back to article Pentagon again delays JWCC cloud mega-deal

The United States Department of Defense has delayed awarding a contract for its massive cloud project – known as the Joint Warfighting Cloud Capability (JWCC) – until December. The winners of the up-to-$9 billion project were slated to be announced in April. Pentagon chief information officer John Sherman told reporters on …

  1. hoola Silver badge

    Hmm, delayed again

    Perhaps this should be giving someone a clue that just switching to a cloud solution with any provider (or multiple) is not going to work.

    Maybe doing it themselves might be easier.......

  2. amanfromMars 1 Silver badge

    Greater Almighty Peer Groups ......

    .... An Advanced IntelAIgent Development for Advanced IntelAIgent Development with/for/from SMARTR Beings/an Enlightened and Enlightening Civilisation.

    One may like to think and realise, as maybe now does the Department of Defense realise, to have military services, personnel and assets in a Cloud Environment, immediately renders all of that as exorbitantly ever more expensive indefensible treasure all too easily plundered and neutralised or reverse engineered and used against one’s own suppliers and allies by an increasingly more virtually astute and practically anonymous/relatively unknown and unknowable SMARTR Private and Piratical Competition.

  3. An_Old_Dog Bronze badge
    Unhappy

    Strategic Stupidity

    It is insecure to have military or other classified or confidential government data on a cloud whose computers are publicly-accessible.

    Big-money lobbying overrules logic.

    1. Mobster

      Re: Strategic Stupidity

      What makes you think these assets are publicly accessible? See https://aws.amazon.com/blogs/publicsector/announcing-second-aws-top-secret-region-extending-support-us-government-classified-missions/

      1. An_Old_Dog Bronze badge

        Re: Strategic Stupidity

        @mobster: If it's on the Internet, it's "publicly accessible". I read the article you linked to. Without specific contrary info, I'm assuming that it somehow connects to the Internet. Why assume this? Because people, at all levels, WANT, and DEMAND to use the Internet for connectivity to Thing X, for convenience and/or cost-savings.

        It's not enough for "Secure System X" to be air-gapped. All the computers and communications equipment used in the process of designing, building, and updating it must also be isolated from the Internet. All communications (voice, video, FAX, other document transmission, etc.) involved in the process of designing, building, and updating it must be well-encrypted.

        I'm not picking on Amazon here. Organizations, even highly-regarded ones, do screw up. Examples (long text follows; URLs included):

        https://www.cbsnews.com/news/officials-second-u-s-government-hack-exposed-military-and-intel-data/

        WASHINGTON -- Hackers linked to China appear to have gained access to the sensitive background information submitted by intelligence and military personnel for security clearances, several U.S. officials said Friday, describing a second cyberbreach of federal records that could dramatically compound the potential damage.

        https://www.zdnet.com/article/leaked-us-military-files-exposed/

        Posted in Zero Day on March 13, 2017 | Topic: Cloud

        NEW YORK -- An unsecured backup drive has exposed thousands of US Air Force documents, including highly sensitive personnel files on senior and high-ranking officers. Security researchers found that the gigabytes of files were accessible to anyone because the internet-connected backup drive was not password protected. ... Nevertheless, this would be the second breach of military data in recent months. Potomac, a Dept. of Defense subcontractor, was the source of a large data exposure of military personnel files of physical and mental health support staff. Many of the victims involved in the data leak are part of the US Special Operations Command (SOCOM), which includes those both formerly employed by US military branches, such as the Army, Navy, and Air Force, and those presumably still on active deployment.

        https://www.extremetech.com/computing/84326-rsa-admits-securid-tokens-have-been-compromised-leaves-big-companies-unprotected

        RSA Admits SecurID Tokens Have Been Compromised, Leaves Big Companies Unprotected

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022