21 August 2021

UNINTENDED CONSEQUENCES: Sensitive Data On Afghan Allies Collected By The US Military Is Now In The Hands Of The Taliban

INtro: While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone.
But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps 

Sensitive Data On Afghan Allies Collected By The US Military Is Now In The Hands Of The Taliban

from the fuck-those-helpful-guys,-I-guess dept

And The problem with harvesting reams of sensitive data is that it presents a very tempting target for malicious hackers, enemy governments, and other wrongdoers. That hasn't prevented anyone from collecting and storing all of this data, secure only in the knowledge this security will ultimately be breached.
What Could Go Wrong? (@CouldWrong) | Twitter

Hack after hack after hack after hack has shown entities seem to be far more interested in collecting data than protecting data. While steps are undoubtedly taken to protect the info gathered by government agencies and numerous super-snoopy private companies, sooner or later they're never enough. It's not that these data collections are always unnecessary. It's that a breach is pretty much inevitable. And yet that inevitability almost always gets greeted as a surprise by those on the end of a malicious hacking.

What's happening in Afghanistan isn't exactly unprecedented. We saw the same thing happen when the United States military pulled out of Vietnam. The enemies that the US presence was supposed to deter were completely undeterred by local military (one we were supposed to be training to be self-reliant) left behind. We have exited one of our Forever Wars and the Taliban -- proud supporters of Al-Qaeda -- is taking over.

What Could Go Wrong GIFs | Tenor

The Taliban is getting everything we left behind. It's not just guns, gear, and aircraft.

It's the massive biometric collections we amassed while serving as armed ambassadors of goodwill. The stuff the US government compiled to track its allies are now handy repositories that will allow the Taliban to hunt down its enemies. Ken Klippenstein and Sara Sirota have more details for The Intercept.
Handheld Interagency Identity Detection Equipment High Resolution Stock  Photography and Images - Alamy

The devices, known as HIIDE, for Handheld Interagency Identity Detection Equipment, were seized last week during the Taliban’s offensive, according to a Joint Special Operations Command official and three former U.S. military personnel, all of whom worried that sensitive data they contain could be used by the Taliban.

U.S. Scans Afghan Inmates for Biometric Database | WIRED

HIIDE devices contain identifying biometric data such as iris scans and fingerprints, as well as biographical information, and are used to access large centralized databases.

Enhancing the Usability of the Human Machine Interface: Handheld  Interagency Identity Detection Equipment (HIIDE)

It’s unclear how much of the U.S. military’s biometric database on the Afghan population has been compromised.                

At first, it might seem that this will only allow the Taliban to high-five each other for making the US government's shit list. But it wasn't just used to track terrorists. It was used to track allies.

While billed by the U.S. military as a means of tracking terrorists and other insurgents, biometric data on Afghans who assisted the U.S. was also widely collected and used in identification cards, sources said.

The Defense Intelligence Agency that oversaw these data collections understandably had no comment. I mean, what could it say? That this wasn't an inevitability? That pulling out of a country means taking all your stuff with you, including tons of data that won't even need to be exfiltrated to end up in enemy hands?

And even as the fall of Afghanistan appeared to be the inevitable outcome of leaving the country, the US government was trying to add to the pile of sensitive data now in the Taliban's possession.

[A] recent job posting by a State Department contractor sought to recruit a biometric technician with experience using HIIDE and other similar equipment to help vet personnel and enroll local Afghans seeking employment at U.S. embassies and consulates.

To claim this couldn't be foreseen is ridiculous.

US Military Biometric Devices Could be in the Hands of the Taliban | Risk  to Identify Afghan Nationals Who Worked for the US Gov | Tech Times

> Decades of propping up the Afghanistan government didn't make the area any more stable.

> The never-ending War on Terror ensured tons of sensitive data would be compiled, especially in countries where US-based constitutional rights don't apply.

> Pulling out may have been the right thing to do, but abandoning devices containing data on local allies and supporters is insane.

> Our government has had more than 200 years of practice. The people who helped us during our many years of ineffective occupation can now be targeted with ease. That should never be considered acceptable. Operational security shouldn't just protect the highest and mightiest in the US government. It should protect everyone the government relies on, including nationals abandoned by a government that had every opportunity to mitigate collateral damage."

Filed Under: afghanistan, data, sensitive data, surveillance, taliban, us military

More

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support.

No comments: