Insider threat: WikiLeaks episode demonstrates insider security threat

Published 3 December 2010

Even the toughest security systems sometimes have a soft center that can be exploited by someone who has passed rigorous screening; the U.S. Defense Department’s Secret Internet Protocol Router Network (SIPRNet), a system of dedicated and encrypted lines and servers set up by the Pentagon in the 1990s globally to transmit material up to and including “secret,” the government’s second-highest level of classified information; a 1993 GAO report estimated more than three million U.S. military and civilian personnel had the clearance to access SIPRNet.

Pfc. Bradley Manning and Julian Assange // Source: axisoflogic.com

The ongoing WikiLeaks exposé not only circulated hundreds of thousands of secretive government documents, it has also swiftly prompted changes to the system designed to share access to them. On Tuesday, the U.S. State Department cut off a military computer network’s access to its files, dramatically curtailing data sharing intended to help thwart future disasters like the 9/11 terrorist attacks.

In response to the leaks, the State Department announced it would cut access to its database of embassy cables via the U.S. Defense Department’s Secret Internet Protocol Router Network (SIPRNet), a system of dedicated and encrypted lines and servers set up by the Pentagon in the 1990s globally to transmit material up to and including “secret,” the government’s second-highest level of classified information. “Top secret” information may be shared electronically via the Joint Worldwide Intelligence Communications System (JWICS), another group of interconnected computer networks used by Defense and State to securely transmit classified information.

“We have temporarily severed the connection between this database and one classified network,” department spokesman Philip Crowley said Tuesday during a press briefing. “Steps are being made to correct weaknesses in the system that have become evident because of this leak.” Whereas diplomats and other officials generally have had access to State Department cables, Crowley added that the department has “temporarily narrowed” access to these documents.

Scientific American reports that after the 9/11 attacks, SIPRNet was expanded to help U.S. agencies share classified information more easily, with virtually all embassies and consulates on the system. A 1993 GAO report estimated more than three million U.S. military and civilian personnel had the clearance to access SIPRNet, although it remains unclear as to how many people now actually have roles that allow them to do so. The hope was to spur communication of the kind of vital clues that might have prevented that catastrophe. These links, ironically, probably helped WikiLeaks’s informant get access to confidential diplomatic messages.

The Defense Department claims to be enhancing its security in the wake of the WikiLeaks fiasco, implementing two-person handling rules for moving data from classified to unclassified systems and establishing “insider threat” working groups to prevent further leaks. The Pentagon says it is using the methods credit card companies use to detect suspicious or anomalous behavior and that 60 percent of its SIPRNet is now equipped with a host-based security system (HBSS) that can