You are here

Amazon Announces "AWS Secret" Service For The CIA, US Intelligence

Shortly after Wired first profiled the NSA's new super spycenter in Bluffdale, Utah (one year before Snowden confirmed that much of the agency's activity involved spying on US citizens and soon to be presidents), speculation emerged as to how much data storage capacity this brand new US spy hub would have. According to a then-estimate by Forbes, the storage capacity at the Bluffdale facility was between 3 and 12 exabytes ( 1 exabyte is 1 billion gigabytes) based on analysis of unclassified blueprints, although some had vastly greater estimates ranging from yottabytes (in Wired) to 5 zettabytes (on NPR), a.k.a. words that most probably can’t pronounce but translate to ‘a lot.'

And, in retrospect, it appears to not have been enough, because on Monday, Amazon Web Services announced it was now offering a commercial cloud service to the US Intelligence Community (i.e. spies on both foreign targets and US presidential campaigns) called, directly enough "Secret Region" that can operate workloads up to the Secret U.S. security classification level.

“Today we mark an important milestone as we launch the AWS Secret Region,” said Teresa Carlson, Vice President, Amazon Web Services Worldwide Public Sector. “AWS now provides the U.S. Intelligence Community a commercial cloud capability across all classification levels: Unclassified, Sensitive, Secret, and Top Secret. The U.S. Intelligence Community can now execute their missions with a common set of tools, a constant flow of the latest technology and the flexibility to rapidly scale with the mission. The AWS Top Secret Region was launched three years ago as the first air-gapped commercial cloud and customers across the U.S. Intelligence Community have made it a resounding success. Ultimately, this capability allows more agency collaboration, helps get critical information to decision makers faster, and enables an increase in our Nation’s Security.”

Catching many by surprise by going public with its close and explicit commercial ties to the US intel community, in the process validating recurring rumors, Jeff Bezos who along with Google and FaceBook, has been accused of becoming a data collection sieve for US spies in exchange for a "commission", was delighted to parade with the new designation of enabling the NSA, CIA and FBI's data retention, and said that "with the launch of this new Secret Region, AWS becomes the first and only commercial cloud provider to offer regions to serve government workloads across the full range of data classifications, including Unclassified, Sensitive, Secret, and Top Secret."

It also noted that "by using the cloud, the U.S. Government is better able to deliver necessary information and data to mission stakeholders." Of course, it also makes it especially easy for any Russian hackers who allegedly have access to the NSA's own counterhacking tools, to penetrate any cloud, whether Amazon's or anyone else's, and intercept critical "Sensitive, Secret, and Top Secret" information... and then have those same Russians be blamed for the favorite candidate losing the presidential election.

As for Bezos, he has so far managed to slip through the cracks of an angry populist backlash against up and coming highly politicized monopoly powers, who just happen to own the Washington Post. A few more transactions such as this one, however, and the blowback just may be inevitable.

Also, we wonder if today's deal will cement Alexa's status as the CIA's favorite in-house, internet-of-spying-things always on microphone?

Full Amazon statement below:

Announcing the New AWS Secret Region

We are pleased to announce the new AWS Secret Region. The AWS Secret Region can operate workloads up to the Secret U.S. security classification level. The AWS Secret Region is readily available to the U.S. Intelligence Community (IC) through the IC’s Commercial Cloud Services (C2S) contract with AWS. The AWS Secret Region also will be available to non-IC U.S. Government customers with appropriate Secret-level network access and their own contract vehicles for use of the AWS Secret Region. These contract vehicles will not be part of the IC’s C2S contract.

With the launch of this new Secret Region, AWS becomes the first and only commercial cloud provider to offer regions to serve government workloads across the full range of data classifications, including Unclassified, Sensitive, Secret, and Top Secret. By using the cloud, the U.S. Government is better able to deliver necessary information and data to mission stakeholders.

“Today we mark an important milestone as we launch the AWS Secret Region,” said Teresa Carlson, Vice President, Amazon Web Services Worldwide Public Sector. “AWS now provides the U.S. Intelligence Community a commercial cloud capability across all classification levels: Unclassified, Sensitive, Secret, and Top Secret. The U.S. Intelligence Community can now execute their missions with a common set of tools, a constant flow of the latest technology and the flexibility to rapidly scale with the mission. The AWS Top Secret Region was launched three years ago as the first air-gapped commercial cloud and customers across the U.S. Intelligence Community have made it a resounding success. Ultimately, this capability allows more agency collaboration, helps get critical information to decision makers faster, and enables an increase in our Nation’s Security.”

Architected for Compliance

Cloud security at AWS is the highest priority. AWS customers benefit from data center and network architecture built to meet the requirements of the most security-sensitive organizations. AWS supports more classification levels, laws, regulations, and security frameworks than any other cloud provider.

The AWS Secret Region is designed and built to meet the regulatory and compliance requirements of the IC. The AWS Secret Region will be assessed and accredited for security compliance under the Director of National Intelligence (DNI) Intelligence Community Directive (ICD 503) and National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 Revision 4.

Open for U.S. Government Customers

With the new AWS Secret Region, we are bringing the same tools and workflows that are already  available for Top Secret workloads to customers with Secret datasets and workloads.

The C2S contract between AWS and the IC, an arrangement exclusively available to the IC, affords for the use of AWS Secret Region services, making this new infrastructure readily available to members of the IC.

The AWS Secret Region is a key component of the Intel Community’s multi-fabric cloud strategy. It will have the same material impact on the IC at the Secret level that C2S has had at Top Secret,” said John Edwards, CIO, Central Intelligence Agency.

Learn more about existing AWS Regions securely designed for the U.S. Government by watching John G. Edwards, Chief Information Officer, CIA, share an update at the 2017 AWS Public Sector Summit in Washington, DC on how the CIA has placed a big bet on adopting commercial cloud technology and how AWS has been pivotal in helping them to deliver on their mission.

For more information

Contact AWS Worldwide Public Sector here.