New NSA leak exposes Red Disk, the Army’s failed …

Category: NSA

The contents of a highly sensitive hard drive belonging to a division of the National Security Agency have been left online.

The virtual disk image contains over 100 gigabytes of data from an Army intelligence project, codenamed "Red Disk." The disk image belongs to the US Army's Intelligence and Security Command, known as INSCOM, a division of both the Army and the NSA.

The disk image was left on an unlisted but public Amazon Web Services storage server, without a password, open for anyone to download. Unprotected storage buckets have become a recurring theme in recent data leaks and exposures. In the past year alone, Accenture, Verizon, and Viacom, and several government departments, were all dinged by unsecured data.

Chris Vickery, director of cyber risk research at security firm UpGuard, found the data and informed the government of the breach in October. The storage server was subsequently secured, though its owner remains unknown.

The leak marks yet another exposure of classified government data. Since the Edward Snowden disclosures in 2013, the agency made headlines last year when Harold Martin, an NSA contractor, was indicted for removing terabytes of secret data from the agency's headquarters. Another contractor, Reality Winner, was indicted this year for leaking classified secrets to news site The Intercept.

When approached prior to publication, an NSA spokesperson did not return a request for comment. An INSCOM spokesperson was unable to comment by the time of publication.

The disk image, when unpacked and loaded, is a snapshot of a hard drive dating back to May 2013 from a Linux-based server that forms part of a cloud-based intelligence sharing system, known as Red Disk. The project, developed by INSCOM's Futures Directorate, was slated to complement the Army's so-called distributed common ground system (DCGS), a legacy platform for processing and sharing intelligence, surveillance, and reconnaissance information.

Each branch of the military has its own version of the intelligence sharing platform -- the Army's is said to be the largest -- but the Army's system struggled to scale to the number of troops who need it.

Red Disk was envisioned as a highly customizable cloud system that could meet the demands of large, complex military operations. The hope was that Red Disk could provide a consistent picture from the Pentagon to deployed soldiers in the Afghan battlefield, including satellite images and video feeds from drones trained on terrorists and enemy fighters, according to a Foreign Policy report.

But the system was slow, crash prone, and difficult to use. A memo from 2014 by soldiers with one deployed brigade said the system was "a major hindrance to operations," as reported by the Associated Press.

The Pentagon spent at least $93 million on Red Disk, but it was never fully deployed in the field. The project has since been largely seen as a failure.

While the contents of the disk are readable, the system itself wouldn't boot -- likely because it relies on dependent systems and servers that are only available from within the Pentagon's network. But the files alone offer a glimpse into how Red Disk worked.

Red Disk was a modular, customizable, and scalable system for sharing intelligence across the battlefield, like electronic intercepts, drone footage and satellite imagery, and classified reports, for troops to access with laptops and tablets on the battlefield. Marking files found in several directories imply the disk is "top secret," and restricted from being shared to foreign intelligence partners.

Red Disk could draw in vast amounts of intelligence, documents, videos, and audio from several sources, including signals intelligence, radar, wide area aerial surveillance, drones, and audio databases -- some fed in directly from the NSA. That raw, mostly unstructured data passed through software called NiFi (formerly NiagraFiles), a since declassified NSA system to support highly scalable and flexible data flows, which directs different kinds of data across multiple computer networks and geographically dispersed sites. That was particularly useful for Red Disk, which relied on obtaining and sending data over wide areas.

An icon found in the leaked files, used to "target" individuals of interest. (Image: supplied)

The data then was sorted and organized through various filters. The data would be indexed, allowing analysts to carry out metadata tagging, extract geo-temporal information, and run a data provenance process to verify the source and owner of certain data.

All the collected intelligence would be stored in a central repository to be analyzed, correlated, and enriched. An analyst could pull intelligence from the repository based on their security clearance. An analyst would obtain their access from their Pentagon-issued certificate-based credentials, which grants them access only to data they are permitted to see.

The system also comes with several plug-in apps, allowing analysts to interact with intelligence data. One program includes DOMEX, a document and media program for analyzing seized documents and electronic evidence.

Several files also point to biometric analysis tools, and an integration of human language technologies to allow analysts to query reports and play audio in English.

One image found on the drive reveals how analysts can target individuals of interest, such as potential terrorists, in the DCGS system for later action -- such as by ground troops or autonomous drones.

Vickery noted that the disk image also contains other sensitive files, including private keys used for the system to access other servers on the intelligence community's network. The keys belong to a third-party firm, Invertix, a working partner of INSCOM and a key developer of Red Disk.

Invertix, now named Altamira Technologies, did not respond to a request for comment.

INSCOM's data exposure is the latest in a long list of government leaks in the past year.

Several government agencies, including US Central Command and US Pacific Command and the National Geospatial Intelligence Agency, charged with analyzing top secret satellite imagery, have admitted exposing sensitive or classified information.

Vickery, who searches for exposed data online, has been responsible for finding much of the data. But he said the latest data exposure was entirely avoidable.

"What are we doing wrong when 'top secret' data is literally two mouse clicks away from worldwide exposure?" he said. "How did we get here, and how do we find a way out?"

Contact me securely

Zack Whittaker can be reached securely on Signal and WhatsApp at 646-7558849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.

See the rest here:
New NSA leak exposes Red Disk, the Army's failed ...

Is National Storage Affiliates Trust (NSA) Share Price Misaligned With Its DCF Estimate Today - Yahoo Finance - March 9th, 2026 [March 9th, 2026]
Interview with 2026 AFI NSA Naples Spouse of the Year, Dannielle Niewald - Stripes Europe - March 9th, 2026 [March 9th, 2026]
Iranian drones strike apartments in city thats home to NSA Bahrain - Stars and Stripes - March 7th, 2026 [March 7th, 2026]
"At this point, US win is going to be pretty elusive," says former US Principal Dy NSA Jon Finer on Iran... - lokmattimes.com - March 7th, 2026 [March 7th, 2026]
"Over next 5-10 years, you are likely to see emergence of new nuclear powers": Former US NSA official Jon... - lokmattimes.com - March 7th, 2026 [March 7th, 2026]
China tends to pursue strategy of staying on good terms with everyone: Former US NSA official Finer - ANI News - March 7th, 2026 [March 7th, 2026]
NSA (NSA) Executive Chair Fischer reports new OP unit awards and LTIP conversions - Stock Titan - March 4th, 2026 [March 4th, 2026]
Cyber retaliation from Iran is a problem for U.S. companies 'It's in the hands of a 19-year-old hacker in a Telegram room,' ex-NSA operative says -... - March 4th, 2026 [March 4th, 2026]
Ajit Doval Indias Most Useless NSA Ever Says Netizens: Zero Intel on Uri, Pulwama, Galwan, Iran War & More - indiaherald.com - March 4th, 2026 [March 4th, 2026]
Sheep Village Cynefin to be launched by RWAS and NSA at the Royal Welsh Show - Shropshire Star - March 4th, 2026 [March 4th, 2026]
Wyden blocks nominee to lead NSA and Cyber Command - Federal News Network - February 27th, 2026 [February 27th, 2026]
Wyden blocks Rudd confirmation to lead Cyber Command, NSA - The Record from Recorded Future News - February 27th, 2026 [February 27th, 2026]
NSA said to have seen security concerns in Grok - breakingthenews.net - February 27th, 2026 [February 27th, 2026]
NSA: Solid Q4 Beat and Favorable 2026 Outlook, But Cost Pressures and High Expectations Justify Hold Rating - TipRanks - February 27th, 2026 [February 27th, 2026]
Videotron and Samsung Expand Partnership Through 5G NSA and 4G LTE Core Gateway Deployment - samsung.com - February 24th, 2026 [February 24th, 2026]
Videotron Taps Samsung for Cloud-Native 5G NSA and LTE Core Gateway Solution - The Fast Mode - February 24th, 2026 [February 24th, 2026]
El-Rufai Demanded to Provide Evidence in NSA Hacking Claims - streamlinefeed.co.ke - February 24th, 2026 [February 24th, 2026]
DSS to arraign El-Rufai on Feb. 25 over alleged NSA phone interception - Businessday NG - February 24th, 2026 [February 24th, 2026]
Securus Technologies Supports Expansion of Sheriff-Led NSA I.G.N.I.T.E. Initiative to Improve Jail Safety and Reentry Outcomes - PR Newswire - February 7th, 2026 [February 7th, 2026]
NSA set to deal with defiant parties, politicians, supporters on integrity of democratic process - ThePointNG - February 7th, 2026 [February 7th, 2026]
Where NSA zero trust guidance aligns with enterprise reality - Help Net Security - February 4th, 2026 [February 4th, 2026]
UNG third in Division 1 of NSA cyber event - University of North Georgia - February 4th, 2026 [February 4th, 2026]
Green Beret Lieutenant General Joshua Rudd Tapped To Lead NSA and US Cyber Command - SOFREP - February 4th, 2026 [February 4th, 2026]
SC Flags Health Concerns, Urges Rethink on Sonam Wangchuks NSA Detention - The Morning Voice - February 4th, 2026 [February 4th, 2026]
What security teams need to know about the NSA's new zero trust guidelines - IT Pro - February 4th, 2026 [February 4th, 2026]
'India won't be bullied': NSA Ajit Doval told Marco Rubio that New Delhi would wait out Trump term for trade deal: Report - theweek.in - February 4th, 2026 [February 4th, 2026]
When Protest becomes a Threat: Inside the Supreme Court hearing on Sonam Wangchuks NSA detention - SabrangIndia - February 4th, 2026 [February 4th, 2026]
If NSA Commits Database Query Violations, But Nobody Audits Them, Do They Really Happen? - emptywheel - February 4th, 2026 [February 4th, 2026]
Army general tapped to lead NSA vows to follow the law if confirmed - Military Times - February 1st, 2026 [February 1st, 2026]
Overturned tractor-trailer shuts portion of Route 32 near NSA - WBAL-TV - February 1st, 2026 [February 1st, 2026]
Nominee to lead NSA backs controversial spying law - Defense One - February 1st, 2026 [February 1st, 2026]
NSA pick champions foreign spying law as nomination advances - The Record from Recorded Future News - February 1st, 2026 [February 1st, 2026]
NSA Releases Phase One and Phase Two of the Zero Trust Implementation Guidelines - National Security Agency (.gov) - February 1st, 2026 [February 1st, 2026]
Army General Tapped to Lead NSA Said He Doesnt Know Much About the Biggest NSA Controversy - The Intercept - February 1st, 2026 [February 1st, 2026]
Trump's pick to lead the NSA vows to follow the law if confirmed - ABC News - February 1st, 2026 [February 1st, 2026]
Trump's pick to lead the NSA vows to follow the law if confirmed - Oskaloosa Herald - February 1st, 2026 [February 1st, 2026]
Trump's pick to lead the NSA vows to follow the law if confirmed - The Derrick - February 1st, 2026 [February 1st, 2026]
Overturned tractor-trailer shuts westbound Maryland Route 32 near NSA exit, police say - WBAL News Radio - February 1st, 2026 [February 1st, 2026]
SC to hear plea against Sonam Wangchuks NSA detention on February 2 - The New Indian Express - February 1st, 2026 [February 1st, 2026]
Powys sheep sector to hear from Llyr Gruffydd at NSA meeting - County Times - February 1st, 2026 [February 1st, 2026]
NSA calls for consultation on castration and tail docking to involve sheep farmers - cravenherald.co.uk - January 24th, 2026 [January 24th, 2026]
NSA launches 13th annual survey for insight into cases of sheep worrying by dogs - Yahoo News UK - January 24th, 2026 [January 24th, 2026]
NSA Ajit Doval says he doesn't use phone or internet. Here's why - MSN - January 14th, 2026 [January 14th, 2026]
NSA Ajit Doval says he doesnt use phone or internet; shares views on Indias future and youth - WION - January 11th, 2026 [January 11th, 2026]
Liberia: NSA Director's Special Assistant Suspended Amid Alleged Gang Sodomy of 15-Year-Old; Authorities Remain Silent - FrontPageAfrica - January 11th, 2026 [January 11th, 2026]
'Wars happen because some countries want to impose their will on others': NSA Ajit Doval - Deccan Herald - January 11th, 2026 [January 11th, 2026]
We have to avenge our history: NSA Ajit Doval urges youth to make India great in every aspect - The Indian Express - January 11th, 2026 [January 11th, 2026]
CISA, NSA, and Canadian Cyber Centre update Brickstorm analysis with new Rust-based variants - Industrial Cyber - January 11th, 2026 [January 11th, 2026]
ROVER communication terminals approved for international use by NSA - Military Embedded Systems - January 9th, 2026 [January 9th, 2026]
L3Harris ROVER and TNR systems gain NSA approval enabling secure coalition interoperability - Defence Industry Europe - January 9th, 2026 [January 9th, 2026]
Former NSA insider Kosiba brought back as spy agencys No. 2 - The Record from Recorded Future News - January 9th, 2026 [January 9th, 2026]
Trumps tariff threat to India self-inflicted wound: Former US NSA John Bolton - The Indian EYE - January 9th, 2026 [January 9th, 2026]
NSA Scotland demands support for sheep farmers ahead of Holyrood elections - Farmers Guardian - January 9th, 2026 [January 9th, 2026]
Announcing tariffs for purchasing Russian oil unfortunate: Former US NSA backs closer relationship with India - Punjab News Express - January 9th, 2026 [January 9th, 2026]
NSA Ajit Doval likely to be part of Indian delegation at WEF in Davos - The New Indian Express - January 9th, 2026 [January 9th, 2026]
"A lot of hot air": Former NSA John Bolton on Trump's remarks on possible action beyond Venezuela - ANI News - January 9th, 2026 [January 9th, 2026]
NSA employee sues Trump administration over order on transgender rights and two 'immutable' genders - Yahoo - December 22nd, 2025 [December 22nd, 2025]
NSA employee sues the Trump administration over transgender rights and 'immutable' genders - AP News - December 22nd, 2025 [December 22nd, 2025]
Senior official at Indo-Pacific Command is set to be Trumps pick to lead Cyber Command, NSA - The Record from Recorded Future News - December 22nd, 2025 [December 22nd, 2025]
NSA employee sues the Trump administration over transgender rights and 'immutable' genders - Temple Daily Telegram - December 22nd, 2025 [December 22nd, 2025]
Potential NSA, Cyber Command leader nomination transmitted to Senate - Nextgov/FCW - December 22nd, 2025 [December 22nd, 2025]
After Eight Months, White House Names Nominee To Head NSA And CYBERCOM - Defense Daily - December 22nd, 2025 [December 22nd, 2025]
Fubara Hosts NSA, Says Tinubu Happy With Rivers Governor - TVC News - December 22nd, 2025 [December 22nd, 2025]
CISA, NSA warn of Chinas BRICKSTORM malware after incident response efforts - The Record from Recorded Future News - December 10th, 2025 [December 10th, 2025]
CISA and NSA Warn of BRICKSTORM Malware Attacking VMware ESXi and Windows Environments - CybersecurityNews - December 10th, 2025 [December 10th, 2025]
NSA, CISA, and Others Release Guidance on Integrating AI in Operational Technology - National Security Agency (.gov) - December 4th, 2025 [December 4th, 2025]
NSA has met 2,000-person workforce reduction goal, people familiar say - Nextgov/FCW - December 4th, 2025 [December 4th, 2025]
NSA Doval, Thai Foreign Minister Phuangketkeow discuss maritime security, threats of online scams - The Indian EYE - December 4th, 2025 [December 4th, 2025]
NSA Doval, Thai FM discuss maritime security, threats of online scams - Awaz The Voice - December 4th, 2025 [December 4th, 2025]
All-clear issued about 2 hours after NSA Naples schools evacuated over potential threat - Stars and Stripes - November 18th, 2025 [November 18th, 2025]
'Dhurandhar': R Madhavan reveals Aditya Dhar's little trick that perfected his NSA-inspired look for the - The Times of India - November 18th, 2025 [November 18th, 2025]
Army officer with Indo-Pacific experience emerges as potential Cyber Command, NSA pick - The Record from Recorded Future News - November 18th, 2025 [November 18th, 2025]
NSA Dr Rahman to attend Security Conclave in New Delhi - United News of Bangladesh - November 18th, 2025 [November 18th, 2025]
Man claims NSA told him to shatter glass at AT&T building with hatchet, Nashville police say - WSMV - November 18th, 2025 [November 18th, 2025]
How the heartbreaking lack of a confirmed leader is impacting CYBERCOM and NSA - Breaking Defense - November 7th, 2025 [November 7th, 2025]
Goa invokes NSA for three months to tackle anti-socials - The Times of India - November 7th, 2025 [November 7th, 2025]
CISA, NSA and other unveil security blueprint to harden Microsoft Exchange servers - Homeland Preparedness News - November 7th, 2025 [November 7th, 2025]
NSA Shares Q3 Revenue Results Below Expectations - GuruFocus - November 7th, 2025 [November 7th, 2025]
Filipinos aware of civilian supremacy over military NSA Ao - Philippine News Agency - October 28th, 2025 [October 28th, 2025]
Sonam Wangchuk says his words were twisted to justify his NSA detention - The Statesman - October 26th, 2025 [October 26th, 2025]

November 30th, 2017

No comments yet

Comments are closed.

Mediaboss Marketing

New NSA leak exposes Red Disk, the Army’s failed …

About

Pages

Categories

Media Sites

Recommended Sites

Archives