By Ellen Nakashima
Washington Post Staff Writer
Monday, November 29, 2010; A01
The release of a huge tranche of U.S. diplomatic cables has laid bare the primary risk associated with the U.S. government's attempt to encourage better information-sharing: Someone is bound to leak.
The U.S. intelligence community came under heavy criticism after Sept. 11, 2001, for having failed to share data that could have prevented the attacks that day. In response, officials from across the government sought to make it easier for various agencies to share sensitive information - effectively giving more analysts wider access to government secrets.
But on Sunday, the Web site WikiLeaks, which had previously released sensitive U.S. documents about the wars in Afghanistan and in Iraq, once again proved that there's a downside to better information-sharing.
"One of the consequences [of 9/11] is you gave a lot of people access to the dots," said Jeffrey H. Smith, a former CIA general counsel. "At least one of the dots, apparently, was a bad apple."
While WikiLeaks has not identified the source of the more than 250,000 cables, suspicions have centered on an Army private, Bradley Manning, 23, who was also the suspected source of the military intelligence documents from Iraq and Afghanistan.
In a series of chats with an online companion, Manning said this spring that "*someone* i know" - apparently a coy self-reference - had gained access to 260,000 State Department cables from embassies and consulates around the world "explaining how the first world exploits the third, in detail."
"Hilary Clinton [sic], and several thousand diplomats around the world are going to have a heart attack when they wake up one morning, and finds an entire repository of classified foreign policy is available, in searchable format to the public," he said, according to logs of the chats given to The Washington Post.
Manning's attorney, David Coombs, declined to comment Sunday but has previously said he has no knowledge of whether his client leaked documents.
In recent weeks, senior administration officials have warned that the WikiLeaks disclosures could affect the balance of weighing the "need to know" versus the need to protect sensitive material, sources and methods.
The director of U.S. national intelligence, James Clapper, has said he believes the WikiLeaks releases will have a "chilling effect" on information-sharing.
"We have to do a much better job of auditing what is going on on any [intelligence community] computer," he said this month. "And so if somebody's downloading a half-million documents . . . we find out about it contemporaneously, not after the fact."
To prevent further breaches, the Pentagon announced Sunday it had ordered the disabling of a feature on its classified computer systems that allows material to be copied onto thumb drives or other removable devices.
The Defense Department will limit the number of classified systems from which material can be transferred to unclassified systems. It will also require that two people be involved in moving data from classified to unclassified systems.
Such efforts "should have been done long ago before any of this happened," said Steven Aftergood of the Federation of American Scientists. The rush to knock down so-called "stove-piping" without hardening operational security "was asking for trouble," he said.
Rep. Pete Hoekstra (R-Mich.), vice chairman of the House Intelligence Committee, called the Pentagon's new security measures "Cyber 101." He questioned a database design that would allow an intelligence analyst in Baghdad - where Manning was stationed - access to State Department cables.
The military relies on Siprnet, or Secret Internet Protocol Network, to transmit classified operational information securely and outside the commercial Internet.
A former senior intelligence official said that over the past decade access to Siprnet has ballooned to about 500,000 or 600,000 people, including embassy personnel, military officials from other countries, state National Guard officials and Department of Homeland Security personnel. That is partly in response to calls for data-sharing and partly because agencies such as the State Department wanted a way to communicate classified information without going to the expense of setting up their own network, said the former official, requesting anonymity because Siprnet's size and uses are considered a sensitive matter.
He said that the answer to network breaches is not to restrict access but to improve the vetting of personnel by strengthening the clearance process.
"The fact that you've got someone exfiltrating information doesn't mean you've got a technical problem," he said. "You've got a human problem."
After WikiLeaks in 2007 posted a series of leaked military documents about tactics used in the battle of Fallujah in Iraq and alleged human rights violations at Guantanamo Bay prison, an analyst at the Army Counterintelligence Center wrote a classified report concluding that WikiLeaks posed a potential operational and information security threat.
The "possibility that current employees or moles within DoD or elsewhere are providing sensitive or classified information to WikiLeaks cannot be ruled out," the analyst, Michael Horvath, wrote in the February 2008 report. He recommended the military enhance training on proper handling of classified information and on how to detect and report on an insider threat. But according to a military source, no action was taken on his report.
While Aftergood welcomed the Pentagon's newly announced security measures, he said they do not address the problem of overclassification. "A more discriminating approach to classifying information would yield a smaller volume of information requiring protection, making it easier to protect," he said.